From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
To: u-boot@lists.denx.de
Subject: [U-Boot] Issue with memcpy when booting a fitImage on SPEAr600
Date: Thu, 6 Dec 2018 11:37:14 +0100 [thread overview]
Message-ID: <20181206113714.061f5770@windsurf> (raw)
In-Reply-To: <528e0632-4731-865c-6a2a-6462ce25a63b@denx.de>
Hello Stefan,
On Wed, 5 Dec 2018 12:30:57 +0100, Stefan Roese wrote:
> > It's weird to me that it's happening with this SoC because it's based on
> > ARM926ejs which is widely used I assume. Shouldn't have anyone already
> > encountered the bug? Or is nobody actually booting a fitImage and had the
> > luck to never call memcpy with src == dest anywhere else in the code?
>
> I did some work on the SPEAr600 some years ago and I'm pretty sure that
> I never used FIT image at that time. Sorry, but I can't remember any
> similar issues like these.
Well, the issue is in generic ARM code, so whether it's SPEAr600 or any
other ARM SoC should not really matter here.
> FWIW, I would not oppose to having at least this "src == dest" check
> in the code again, since it doesn't really make sense to overwrite
> an area with the same value - other than for testing purposes.
The thing is that the memcpy() that gets called does have this src ==
dest check, as its code starts with:
ENTRY(memcpy)
cmp r0, r1
bxeq lr
which, if my assembly-fu is not bad, means: if first argument == second
argument, then return. But even with this src == dest check within
memcpy() itself, Quentin is seeing memmove() hang when src == dest.
Another thing is that the memmove() code looks like this:
{
char *tmp, *s;
if (dest <= src) {
memcpy(dest, src, count);
However, having dest <= src does not guarantee that the destination and
source areas are non-overlapping. And the normal semantic for memcpy()
is that it doesn't work for overlapping areas. From memcpy(3):
The memcpy() function copies n bytes from memory area src to memory
area dest. The memory areas must not overlap. Use memmove(3) if the
memory areas do overlap.
Of course, this man page documents the memcpy() implementation from the
C library, and perhaps the semantic of U-Boot memcpy is different.
So is it correct to use memcpy() to implement memmove() when the areas
are overlapping ?
Perhaps Simon Glass, who did the change to use memcpy() in
cb0eae8cf8aaca76910dee4c7eb536d0814d1bd2 could comment on that ?
Best regards,
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
next prev parent reply other threads:[~2018-12-06 10:37 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-05 10:38 [U-Boot] Issue with memcpy when booting a fitImage on SPEAr600 Quentin Schulz
2018-12-05 11:30 ` Stefan Roese
2018-12-06 10:37 ` Thomas Petazzoni [this message]
2019-01-07 10:00 ` Quentin Schulz
2019-01-08 0:38 ` Simon Glass
2019-01-08 11:03 ` Quentin Schulz
2019-01-10 12:56 ` Simon Glass
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181206113714.061f5770@windsurf \
--to=thomas.petazzoni@bootlin.com \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox