From patchwork Mon Jul 31 21:02:10 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Richard Henderson <richard.henderson@linaro.org>
X-Patchwork-Id: 708418
Delivered-To: patch@linaro.org
Received: by 2002:a5d:6787:0:b0:317:2194:b2bc with SMTP id v7csp2522657wru;
 Mon, 31 Jul 2023 14:03:56 -0700 (PDT)
X-Google-Smtp-Source: APBJJlE6rEmu9NuVNsWq/SxBS3XsSeBc2HPQcw6pJfGQR28K9k3g4jIHEx1eNrYVv5U4weI55ZCL
X-Received: by 2002:a0c:aa17:0:b0:626:1ba1:70ae with SMTP id
 d23-20020a0caa17000000b006261ba170aemr10966962qvb.33.1690837436135;
 Mon, 31 Jul 2023 14:03:56 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1690837436; cv=none;
 d=google.com; s=arc-20160816;
 b=yunD6sFkqlMv+Bb6zDVXtLiv6SpRHOfzR4PltbLojPlYvsar1KL4VgfJLxZBnxRNoQ
 S9MtvVhrwG+V1PDK1ZvjH9ErBJHTx35CeMyGQsKxIL6UkQMW5pOwvukI3pQi+dzDy3B+
 b5nZLlOwJoowpviUCHYad963Jfzqba37VRm3ruoC3HEBm3vhxoxFgHEsRuFlCADNNHOa
 lY2q+mkmNgoeEDe7lS5vNCsKCE0dIIYxHZ6v/l2Lk0ETy4fixI2xwI5mkOQCfXYm3SrO
 I2ctx2z4js3hNutBqScIewZsrQviqvMGRWytdJAIEkW9ZHt/ts9THZ8Y6mkQHvxeZln5
 N1nQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
 h=sender:errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from:dkim-signature;
 bh=Xc1zrCJDVG+lPGuHxCdmlX/jD7CzCST/l+CtotajKSU=;
 fh=YaYmJVj9RlRlIC1VNhWcXt1/ENbAV/0bAZn0rayUK6c=;
 b=gncgqdZo/Jtwr/Tk0uHZKiwzbZcs2nPV6j+aXIeA56LWAd0y9pX9A3jH/S+BEz24j0
 UxsWqzx2QFIJAjA+C4ZE2g6PftspZYvuac8O5RbNwX990WO97AODPpXnzVlozZQgeJGR
 lkX2ppQWr0bpZykJZuR4Y3w3n/mFl7gdgCVYJgxatMvmibDSWplfk1NXU2blQiXITkb0
 w/+1H9VnK+6tzYRYjOqaUHe44W/K79TL4guCiZe6mbnbYnEQEonBstz6CUMv8x8G4qRZ
 kytz4rZh4vrejWPU42pDbJr9vj8gYo4/cDi9PJV3QlR+6rkvkjBkJwZIrqNDm2AWJmWx
 xXOg==
ARC-Authentication-Results: i=1; mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=uco0uNy5;
 spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender)
 smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17])
 by mx.google.com with ESMTPS id
 s16-20020a0ce310000000b00634c07ba3b2si938744qvl.105.2023.07.31.14.03.55
 for <patch@linaro.org>
 (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256);
 Mon, 31 Jul 2023 14:03:56 -0700 (PDT)
Received-SPF: pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender) client-ip=209.51.188.17;
Authentication-Results: mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=uco0uNy5;
 spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender)
 smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org";
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from localhost ([::1] helo=lists1p.gnu.org)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <qemu-devel-bounces@nongnu.org>)
 id 1qQa29-0000uQ-2x; Mon, 31 Jul 2023 17:02:29 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <richard.henderson@linaro.org>)
 id 1qQa27-0000tV-Dn
 for qemu-devel@nongnu.org; Mon, 31 Jul 2023 17:02:27 -0400
Received: from mail-pf1-x429.google.com ([2607:f8b0:4864:20::429])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <richard.henderson@linaro.org>)
 id 1qQa23-0006Pz-EN
 for qemu-devel@nongnu.org; Mon, 31 Jul 2023 17:02:26 -0400
Received: by mail-pf1-x429.google.com with SMTP id
 d2e1a72fcca58-686efdeabaeso3263740b3a.3
 for <qemu-devel@nongnu.org>; Mon, 31 Jul 2023 14:02:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=linaro.org; s=google; t=1690837341; x=1691442141;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=Xc1zrCJDVG+lPGuHxCdmlX/jD7CzCST/l+CtotajKSU=;
 b=uco0uNy5Sro7JsUIGt3LE4fx6Xu3QVpUOrYN9Lp3XDd7t+PRuwfkNTWorP/2hQMNYd
 ZV5Ehq1Wr3bhUIEw0zMANihsr3uFf9xhyEYU3BOKhMUngRtwHV4uXnr3i6AIrPgb66Ay
 SBIDDL4ObX7dBliUcTqzGvauwNkHXuOsuWwmW2OSSdVwnYmDGGMPXDJAcKlsVsp4DBtl
 2dtMorR7oi1/hhlwsIOOJGGoB+9NJLA/OkYwRc4zp71HmBaWsQFYOv4ALkwxoDpJeqU0
 FiA8nrps5rmCXCBchCU1wQ4V3s+gjX8wpPAxnqjJP2jCvwwdQis5cenR/lqgvuYUmkKA
 PugA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20221208; t=1690837341; x=1691442141;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=Xc1zrCJDVG+lPGuHxCdmlX/jD7CzCST/l+CtotajKSU=;
 b=XS10taf9A58NrVHN51h/6KSQaSOgqaNQbZp3avhVZGKkwHpCw/Kr3ciQPSAoEYfZ3T
 Q9rgTI+GrfPyqc7OkWPvI4b59YBPmA7jKLoBBi1uelL6YdCdi0nrEcnFflTXzy7W5Bip
 3WVegZrPKa/JKY3NMGvSNqBgD93ieNg3LVRlEs58t5xWNCok0cnuOzXfphmqD3IKD4qt
 ksDFVBRl8HvbkKFH0Pwfe3w1XPz4lRVZeNaklbG75y8eQGKSU3eA2g4zof4aW5d/d9mW
 v+ho7DcMwkxjySo5SHBrqDbrgrzpse8iXJPmg1Muh1CyWw1ilX6VWMsd4qlrtmyh/q+R
 y5Zw==
X-Gm-Message-State: ABy/qLZ2SjaJ6hcaas7ZU0AbL0KGkcBsKYO5TJj7UQuMS79qfsyaSkNC
 fpP50QDW9UB3sAdTw+Ni+Jk7x/IqzVb/IwY9v50=
X-Received: by 2002:a17:902:9b89:b0:1b8:b47e:a881 with SMTP id
 y9-20020a1709029b8900b001b8b47ea881mr8368929plp.49.1690837341035;
 Mon, 31 Jul 2023 14:02:21 -0700 (PDT)
Received: from stoup.. ([2602:47:d490:6901:4f6f:6b:2de4:e0cb])
 by smtp.gmail.com with ESMTPSA id
 r11-20020a1709028bcb00b001bb8895848bsm8924230plo.71.2023.07.31.14.02.20
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 31 Jul 2023 14:02:20 -0700 (PDT)
From: Richard Henderson <richard.henderson@linaro.org>
To: qemu-devel@nongnu.org
Cc: Helge Deller <deller@gmx.de>, qemu-stable@nongnu.org,
 "Markus F.X.J. Oberhumer" <markus@oberhumer.com>,
 John Reiser <jreiser@BitWagon.com>,
 =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= <philmd@linaro.org>
Subject: [PULL 09/10] linux-user/armeb: Fix __kernel_cmpxchg() for armeb
Date: Mon, 31 Jul 2023 14:02:10 -0700
Message-Id: <20230731210211.137353-10-richard.henderson@linaro.org>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20230731210211.137353-1-richard.henderson@linaro.org>
References: <20230731210211.137353-1-richard.henderson@linaro.org>
MIME-Version: 1.0
Received-SPF: pass client-ip=2607:f8b0:4864:20::429;
 envelope-from=richard.henderson@linaro.org; helo=mail-pf1-x429.google.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org

From: Helge Deller <deller@gmx.de>

Commit 7f4f0d9ea870 ("linux-user/arm: Implement __kernel_cmpxchg with host
atomics") switched to use qatomic_cmpxchg() to swap a word with the memory
content, but missed to endianess-swap the oldval and newval values when
emulating an armeb CPU, which expects words to be stored in big endian in
the guest memory.

The bug can be verified with qemu >= v7.0 on any little-endian host, when
starting the armeb binary of the upx program, which just hangs without
this patch.

Cc: qemu-stable@nongnu.org
Signed-off-by: Helge Deller <deller@gmx.de>
Reported-by: "Markus F.X.J. Oberhumer" <markus@oberhumer.com>
Reported-by: John Reiser <jreiser@BitWagon.com>
Closes: https://github.com/upx/upx/issues/687
Message-Id: <ZMQVnqY+F+5sTNFd@p100>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 linux-user/arm/cpu_loop.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/linux-user/arm/cpu_loop.c b/linux-user/arm/cpu_loop.c
index a992423257..b404117ff3 100644
--- a/linux-user/arm/cpu_loop.c
+++ b/linux-user/arm/cpu_loop.c
@@ -117,8 +117,9 @@ static void arm_kernel_cmpxchg32_helper(CPUARMState *env)
 {
     uint32_t oldval, newval, val, addr, cpsr, *host_addr;
 
-    oldval = env->regs[0];
-    newval = env->regs[1];
+    /* Swap if host != guest endianness, for the host cmpxchg below */
+    oldval = tswap32(env->regs[0]);
+    newval = tswap32(env->regs[1]);
     addr = env->regs[2];
 
     mmap_lock();
@@ -174,6 +175,10 @@ static void arm_kernel_cmpxchg64_helper(CPUARMState *env)
         return;
     }
 
+    /* Swap if host != guest endianness, for the host cmpxchg below */
+    oldval = tswap64(oldval);
+    newval = tswap64(newval);
+
 #ifdef CONFIG_ATOMIC64
     val = qatomic_cmpxchg__nocheck(host_addr, oldval, newval);
     cpsr = (val == oldval) * CPSR_C;