* [PATCH] ppc/spapr: Fix ubsan warning with unaligned pointer access
From: Daniel Hoffman @ 2023-12-17 0:14 UTC
To: qemu-devel
Cc: qemu-trivial, Daniel Hoffman, Alexey Kardashevskiy, David Gibson,
open list:Virtual Open Firm...
Found while running QTest with UBsan. Unaligned pointers appear to be
valid, so moving the read to an explicit memcpy to an intermediate.
---
hw/ppc/vof.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/hw/ppc/vof.c b/hw/ppc/vof.c
index e3b430a81f4..609a51c645d 100644
--- a/hw/ppc/vof.c
+++ b/hw/ppc/vof.c
@@ -646,7 +646,10 @@ static void vof_dt_memory_available(void *fdt, GArray *claimed, uint64_t base)
mem0_reg = fdt_getprop(fdt, offset, "reg", &proplen);
g_assert(mem0_reg && proplen == sizeof(uint32_t) * (ac + sc));
if (sc == 2) {
- mem0_end = be64_to_cpu(*(uint64_t *)(mem0_reg + sizeof(uint32_t) * ac));
+ /* Pointer may be unaligned */
+ uint64_t mem0_end_copy;
+ memcpy(&mem0_end_copy, mem0_reg + sizeof(uint32_t) * ac, sizeof(mem0_end_copy));
+ mem0_end = be64_to_cpu(mem0_end_copy);
} else {
mem0_end = be32_to_cpu(*(uint32_t *)(mem0_reg + sizeof(uint32_t) * ac));
}
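Review bot: the else branch right after the changed lines still loads through a cast, `*(uint32_t *)(mem0_reg + sizeof(uint32_t) * ac)`, so the function now uses two different idioms for the same kind of read. If the pointer is treated as possibly unaligned in the 64-bit case, handle the 32-bit case the same way (one alignment-safe load helper for both widths) so neither branch depends on how mem0_reg happens to be aligned.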
--
2.40.1
* Re: [PATCH] ppc/spapr: Fix ubsan warning with unaligned pointer access
From: Richard Henderson @ 2023-12-20 1:45 UTC
To: Daniel Hoffman, qemu-devel
Cc: qemu-trivial, Alexey Kardashevskiy, David Gibson,
open list:Virtual Open Firm...
On 12/16/23 16:14, Daniel Hoffman wrote:
> Found while running QTest with UBsan. Unaligned pointers appear to be
> valid, so moving the read to an explicit memcpy to an intermediate.
> ---
> hw/ppc/vof.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/hw/ppc/vof.c b/hw/ppc/vof.c
> index e3b430a81f4..609a51c645d 100644
> --- a/hw/ppc/vof.c
> +++ b/hw/ppc/vof.c
> @@ -646,7 +646,10 @@ static void vof_dt_memory_available(void *fdt, GArray *claimed, uint64_t base)
> mem0_reg = fdt_getprop(fdt, offset, "reg", &proplen);
> g_assert(mem0_reg && proplen == sizeof(uint32_t) * (ac + sc));
> if (sc == 2) {
> - mem0_end = be64_to_cpu(*(uint64_t *)(mem0_reg + sizeof(uint32_t) * ac));
> + /* Pointer may be unaligned */
> + uint64_t mem0_end_copy;
> + memcpy(&mem0_end_copy, mem0_reg + sizeof(uint32_t) * ac, sizeof(mem0_end_copy));
> + mem0_end = be64_to_cpu(mem0_end_copy);
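Review bot: the added comment `/* Pointer may be unaligned */` does not say why. The read is at `mem0_reg + sizeof(uint32_t) * ac`, a multiple of 4 bytes past the start of the property, so for an odd ac it cannot be 8-byte aligned relative to that start. Saying so in the comment or the commit message would explain the temporary and keep the memcpy from later being simplified back into a cast.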
mem0_end = ldq_be_p(mem0_reg + sizeof(uint32_t) * ac);
r~
* Re: [PATCH] ppc/spapr: Fix ubsan warning with unaligned pointer access
From: Alexey Kardashevskiy @ 2023-12-22 3:47 UTC
To: Richard Henderson, Daniel Hoffman, qemu-devel
Cc: qemu-trivial, David Gibson, open list:Virtual Open Firm...
On 20/12/2023 12:45, Richard Henderson wrote:
> On 12/16/23 16:14, Daniel Hoffman wrote:
>> Found while running QTest with UBsan. Unaligned pointers appear to be
>> valid, so moving the read to an explicit memcpy to an intermediate.
>> ---
>> hw/ppc/vof.c | 5 ++++-
>> 1 file changed, 4 insertions(+), 1 deletion(-)
>>
>> diff --git a/hw/ppc/vof.c b/hw/ppc/vof.c
>> index e3b430a81f4..609a51c645d 100644
>> --- a/hw/ppc/vof.c
>> +++ b/hw/ppc/vof.c
>> @@ -646,7 +646,10 @@ static void vof_dt_memory_available(void *fdt,
>> GArray *claimed, uint64_t base)
>> mem0_reg = fdt_getprop(fdt, offset, "reg", &proplen);
>> g_assert(mem0_reg && proplen == sizeof(uint32_t) * (ac + sc));
>> if (sc == 2) {
>> - mem0_end = be64_to_cpu(*(uint64_t *)(mem0_reg +
>> sizeof(uint32_t) * ac));
>> + /* Pointer may be unaligned */
>> + uint64_t mem0_end_copy;
>> + memcpy(&mem0_end_copy, mem0_reg + sizeof(uint32_t) * ac,
>> sizeof(mem0_end_copy));
>> + mem0_end = be64_to_cpu(mem0_end_copy);
>
> mem0_end = ldq_be_p(mem0_reg + sizeof(uint32_t) * ac);
+1 for ldq_be_p(). Or read lo&hi 32bit chunks and combine. Thanks,
>
>
> r~
--
Alexey
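
Added example, not part of the thread and not QEMU code: the alignment-safe ways of reading a big-endian 64-bit size cell that the thread mentions (memcpy to a temporary, and combining hi and lo 32-bit cells), next to a plain byte-wise load. The helper names and the sample "reg" bytes are constructed for illustration; ldq_be_p() itself is not reproduced here.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: big-endian load of n bytes (n <= 8), one byte at a
 * time. Works at any address and does not depend on host byte order. */
static uint64_t load_be(const void *p, size_t n)
{
    const uint8_t *b = p;
    uint64_t v = 0;
    for (size_t i = 0; i < n; i++) {
        v = (v << 8) | b[i];
    }
    return v;
}

/* Read the hi and lo 32-bit cells separately and combine them. */
static uint64_t load_be64_hi_lo(const void *p)
{
    return (load_be(p, 4) << 32) | load_be((const uint8_t *)p + 4, 4);
}

/* memcpy into an aligned temporary, then fix byte order (be64_to_cpu role). */
static uint64_t load_be64_memcpy(const void *p)
{
    uint64_t tmp;
    memcpy(&tmp, p, sizeof(tmp));
    return load_be(&tmp, sizeof(tmp));
}

/* Constructed sample "reg" value: ac = 1 address cell, sc = 2 size cells.
 * The buffer is 8-byte aligned, so the size at offset 4 is not. */
static _Alignas(8) const uint8_t sample_reg[12] = {
    0x00, 0x00, 0x00, 0x00,                         /* address 0 */
    0x00, 0x00, 0x00, 0x01, 0x80, 0x00, 0x00, 0x00  /* size 0x180000000 */
};

/* Same shape as the patched branch: size cells follow ac address cells. */
static uint64_t reg_size(const uint8_t *reg, int ac, int sc)
{
    const uint8_t *p = reg + sizeof(uint32_t) * ac;
    return sc == 2 ? load_be(p, 8) : load_be(p, 4);
}

int main(void)
{
    printf("%#llx\n", (unsigned long long)reg_size(sample_reg, 1, 2));
    return 0;
}
```

Building this with -fsanitize=undefined and swapping one helper for a `*(uint64_t *)` cast on `sample_reg + 4` reproduces the class of misaligned-load report the patch addresses.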