From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from albireo.enyo.de (albireo.enyo.de [37.24.231.21]) by sourceware.org (Postfix) with ESMTPS id CFACB3959C2F for ; Tue, 28 Apr 2020 21:16:38 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org CFACB3959C2F Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=deneb.enyo.de Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=fw@deneb.enyo.de Received: from [172.17.203.2] (helo=deneb.enyo.de) by albireo.enyo.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) id 1jTXag-0000Vr-J7; Tue, 28 Apr 2020 21:16:30 +0000 Received: from fw by deneb.enyo.de with local (Exim 4.92) (envelope-from ) id 1jTXZ5-0000of-L0; Tue, 28 Apr 2020 23:14:51 +0200 From: Florian Weimer To: Joseph Myers Cc: "zhuyan \(M\)" , "libc-alpha\@sourceware.org" Subject: Re: [PATCH v2] memcpy: use bhs/bls instead of bge/blt [BZ #25620] References: <95923e664fc9426c9c121efeaa69268c@huawei.com> <877dy8rjlq.fsf@mid.deneb.enyo.de> Date: Tue, 28 Apr 2020 23:14:51 +0200 In-Reply-To: (Joseph Myers's message of "Tue, 21 Apr 2020 21:27:25 +0000") Message-ID: <87ftcn48j8.fsf@mid.deneb.enyo.de> MIME-Version: 1.0 Content-Type: text/plain X-Spam-Status: No, score=-9.1 required=5.0 tests=BAYES_00, KAM_DMARC_STATUS, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Apr 2020 21:16:40 -0000 * Joseph Myers: > On Tue, 21 Apr 2020, Florian Weimer wrote: > >> * Joseph Myers: >> >> > On Mon, 13 Apr 2020, zhuyan (M) wrote: >> > >> >> In ARMv7, the memcpy() implementation allows for program execution to >> >> continue in scenarios where a segmentation fault or crash should have >> >> occurred. The dangers occur in that subsequent execution and iterations >> >> of this code will be executed with this corrupted data. >> >> >> >> Such as, we use 'memcpy' copy 0x80000000 byte to buffer(The buffer size >> >> is 100 bytes), it didn't crash. >> > >> > This patch includes an architecture-specific test, specific to memcpy. >> > My understanding of Wilco's request in bug 25620 was for an >> > architecture-independent test or tests, covering all string functions with >> > such large arguments, so we can ensure we're consistent across >> > architectures. >> >> Sure, that would be great, but can we make this independent of this >> fix, please? > > I think the minimum for this fix should be an architecture-independent > test for memcpy (but not other string functions, and not necessarily > testing all IFUNC variants of memcpy). Fair enough. I'll try to write one using the RAM compression feature I added. But I can't get a 32-bit Arm machine from the labs at work right now, and it may be a while until I get a device delivered, so it will be at least a few days more until I have a test that's been confirmed to reproduce the bug.