From: Oleksii Kurochko
To: xen-devel@lists.xenproject.org
Cc: Baptiste Le Duc, Oleksii Kurochko, Alistair Francis, Connor Davis, Andrew Cooper, Anthony PERARD, Michal Orzel, Jan Beulich, Julien Grall, Roger Pau Monné, Stefano Stabellini
Subject: [PATCH v1 1/3] xen/riscv: fix switch_stack_and_jump()
Date: Tue, 19 May 2026 10:39:26 +0200
Message-ID: <1ac102874c8f7190ea09787a035692b03e4b46cf.1779179301.git.oleksii.kurochko@gmail.com>

The following compilation issue occurs when UBSAN related stuff is enabled:

  prelink.o: in function `smp_processor_id':
  /build/xen/./arch/riscv/include/asm/current.h:46:(.init.text+0x274e2): relocation truncated to fit: R_RISCV_JAL against `init_done'
  make[2]: *** [arch/riscv/Makefile:45: xen-syms] Error 1

The switch_stack_and_jump macro uses "j " #fn which assembles to JAL x0, init_done is a RISC-V J-type instruction with only ±1MB range.

Without UBSAN, .init.text is small enough that init_done (which lives in .text, not .init.text) is within 1MB of the JAL. With UBSAN enabled, all the instrumentation calls bloat .init.text well past 1MB, so init_done is now >1MB away from the JAL. The linker tries to truncate the 20-bit J-type offset and fails.

The linker confusingly attributes the error to smp_processor_id:46 because the compiler inlines that function into the same init function that ends with switch_stack_and_jump, and the debug info places the JAL within that inlined scope.

Note that the `tail` instruction looks more natural here, but the `jr` instruction is chosen instead to avoid depending on how the assembler expands the `tail` instruction and which register it uses as a scratch area (`t1` in the case of GAS), which would then need to be listed in the clobber section of `asm volatile`.

Fixes: e66003e7be199 ("xen/riscv: introduce setup_initial_pages")
Signed-off-by: Oleksii Kurochko
Reviewed-by: Baptiste Le Duc
--- xen/arch/riscv/include/asm/current.h | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/xen/arch/riscv/include/asm/current.h b/xen/arch/riscv/include/= asm/current.h index 5fbee8182caa..cc004670d18c 100644 --- a/xen/arch/riscv/include/asm/current.h +++ b/xen/arch/riscv/include/asm/current.h
@@ -51,11 +51,11 @@ DECLARE_PER_CPU(struct vcpu *, curr_vcpu); #define vcpu_guest_cpu_user_regs(vcpu) \ (&(vcpu)->arch.cpu_info->guest_cpu_user_regs) =20 -#define switch_stack_and_jump(stack, fn) do { \ - asm volatile ( \ - "mv sp, %0\n" \ - "j " #fn :: "r" (stack), "X" (fn) : "memory" ); \ - unreachable(); \ +#define switch_stack_and_jump(stack, fn) do { \ + asm volatile ( \ + "mv sp, %0\n" \ + "jr %1" :: "r" (stack), "r" (fn) : "memory" ); \ + unreachable(); \ } while ( false ) =20 #define get_per_cpu_offset() __per_cpu_offset[smp_processor_id()] --=20 2.54.0
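
Review bot: In the switch_stack_and_jump() hunk, the new `"jr %1" :: "r" (stack), "r" (fn)` line has no comment saying why an indirect jump through a register is used instead of `j`, so a later cleanup could restore the direct jump and bring back the R_RISCV_JAL truncation as soon as .init.text grows past the J-type range again. Suggest a short comment above the macro stating that fn may be more than ±1MB away from the call site, and that `jr` is preferred over `tail` to avoid an implicit scratch-register clobber, so the reasoning from the commit message stays next to the code.
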
From: Oleksii Kurochko
To: xen-devel@lists.xenproject.org
Cc: Baptiste Le Duc, Oleksii Kurochko, Andrew Cooper, Anthony PERARD, Michal Orzel, Jan Beulich, Julien Grall, Roger Pau Monné, Stefano Stabellini
Subject: [PATCH v1 2/3] xen/domain: fix UBSAN null pointer dereference in vcpu_info_reset()
Date: Tue, 19 May 2026 10:39:27 +0200
Message-ID: <09ae75638f9e7991163ed3633e7a60461d93da70.1779179301.git.oleksii.kurochko@gmail.com>

vcpu_info_reset() maps v->vcpu_info_area.map to the per-vcpu slot inside the domain's shared_info page for vcpus with id < XEN_LEGACY_MAX_VCPUS, and falls back to dummy_vcpu_info for vcpus beyond that limit. However, it does not guard against d->shared_info being NULL.

The shared_info() macro expands to a member access through d->shared_info, so when an architecture does not allocate a shared_info page the dereference triggers UBSAN:

  UBSAN: Undefined behaviour in common/domain.c:325:10
  member access within null pointer of type 'struct shared_info_t'

Extend the existing fallback condition to also cover the case where no shared_info page has been allocated, mapping the vcpu to dummy_vcpu_info instead. This is the correct behaviour: dummy_vcpu_info already serves as the safe stand-in for vcpus that have no usable shared_info slot.

Fixes: 295514ff75506 ("common: convert vCPU info area registration")
Signed-off-by: Oleksii Kurochko
Reviewed-by: Baptiste Le Duc
---
RISC-V does not allocate a shared_info page at the moment because its guests run in dom0less mode and do not use the Xen PV ABI, so d->shared_info remains NULL throughout domain lifetime.
---
--- xen/common/domain.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/xen/common/domain.c b/xen/common/domain.c index bb9e210c2895..e64b7df9b704 100644 --- a/xen/common/domain.c +++ b/xen/common/domain.c
@@ -320,7 +320,7 @@ void vcpu_info_reset(struct vcpu *v) struct domain *d =3D v->domain; =20 v->vcpu_info_area.map =3D - ((v->vcpu_id < XEN_LEGACY_MAX_VCPUS) + ((v->vcpu_id < XEN_LEGACY_MAX_VCPUS && d->shared_info) ? (vcpu_info_t *)&shared_info(d, vcpu_info[v->vcpu_id]) : &dummy_vcpu_info); } --=20 2.54.0
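
Review bot: The added `&& d->shared_info` test in vcpu_info_reset() carries no comment, and the only explanation of when d->shared_info is NULL (RISC-V not allocating the page) sits below the `---`, so it will not reach the commit history. Suggest moving that sentence into the commit message or adding a one-line comment at the condition. Since this is common code, it is also worth stating whether the silent fallback to dummy_vcpu_info is intended on architectures that do allocate shared_info, where a NULL d->shared_info at this point would now be hidden rather than reported.
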
From: Oleksii Kurochko
To: xen-devel@lists.xenproject.org
Cc: Baptiste Le Duc, Oleksii Kurochko, Stefano Stabellini, Julien Grall, Bertrand Marquis, Michal Orzel
Subject: [PATCH v1 3/3] xen/libfdt: fix UBSAN null pointer in fdt_property()
Date: Tue, 19 May 2026 10:39:28 +0200
Message-ID: <0addc679de64cb59b28cf49ba3d39d17443d1ac8.1779179301.git.oleksii.kurochko@gmail.com>

fdt_property() unconditionally calls memcpy(ptr, val, len) even when len is zero and val is NULL. This is a legitimate calling convention for adding empty FDT properties such as "interrupt-controller", which carry no payload.

In Xen, memcpy() maps to __builtin_memcpy(). The compiler treats __builtin_memcpy as nonnull on its pointer arguments, so UBSAN fires before it can observe that len is zero:

  UBSAN: Undefined behaviour in common/libfdt/fdt_sw.c:333:2
  null pointer passed as argument 2, declared with nonnull attribute

Guard the memcpy() with a check on len so it is skipped entirely when there is no payload to copy, bringing the code in line with the nonnull contract.

Fixes: f0ea06558068 ("libfdt: add version 1.3.0")
Signed-off-by: Oleksii Kurochko
Reviewed-by: Baptiste Le Duc
--- xen/common/libfdt/fdt_sw.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/xen/common/libfdt/fdt_sw.c b/xen/common/libfdt/fdt_sw.c index 4c569ee7eb0d..96d4cf571319 100644 --- a/xen/common/libfdt/fdt_sw.c +++ b/xen/common/libfdt/fdt_sw.c
@@ -330,7 +330,8 @@ int fdt_property(void *fdt, const char *name, const voi= d *val, int len) ret =3D fdt_property_placeholder(fdt, name, len, &ptr); if (ret) return ret; - memcpy(ptr, val, len); + if (len) + memcpy(ptr, val, len); return 0; } =20 --=20 2.54.0
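
Review bot: The `if (len)` guard before memcpy() in fdt_property() looks redundant when read without the commit message, and it sits in code the Fixes: tag identifies as the libfdt 1.3.0 import, so it is likely to be lost on a later resync unless it is explained in place. Suggest a comment at the guard saying that empty properties are passed with val == NULL and len == 0, and a line in the commit message on whether the same change exists or has been proposed in the libfdt source this file was imported from.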