{"id":2215414,"url":"http://patchwork.ozlabs.org/api/patches/2215414/?format=json","web_url":"http://patchwork.ozlabs.org/project/qemu-devel/patch/20260324151111.237411-3-peter.maydell@linaro.org/","project":{"id":14,"url":"http://patchwork.ozlabs.org/api/projects/14/?format=json","name":"QEMU Development","link_name":"qemu-devel","list_id":"qemu-devel.nongnu.org","list_email":"qemu-devel@nongnu.org","web_url":"","scm_url":"","webscm_url":"","list_archive_url":"","list_archive_url_format":"","commit_url_format":""},"msgid":"<20260324151111.237411-3-peter.maydell@linaro.org>","list_archive_url":null,"date":"2026-03-24T15:11:02","name":"[PULL,02/11] linux-user/i386/signal.c: Correct definition of target_fpstate_32","commit_ref":null,"pull_url":null,"state":"not-applicable","archived":false,"hash":"f7960f3741b67b4a50e71680abd629cda020f71f","submitter":{"id":5111,"url":"http://patchwork.ozlabs.org/api/people/5111/?format=json","name":"Peter Maydell","email":"peter.maydell@linaro.org"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/qemu-devel/patch/20260324151111.237411-3-peter.maydell@linaro.org/mbox/","series":[{"id":497302,"url":"http://patchwork.ozlabs.org/api/series/497302/?format=json","web_url":"http://patchwork.ozlabs.org/project/qemu-devel/list/?series=497302","date":"2026-03-24T15:11:00","name":"[PULL,01/11] target/arm: fix s2prot not set for two-stage PMSA translations","version":1,"mbox":"http://patchwork.ozlabs.org/series/497302/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/2215414/comments/","check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/2215414/checks/","tags":{},"related":[],"headers":{"Return-Path":"<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@legolas.ozlabs.org","Authentication-Results":["legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=linaro.org header.i=@linaro.org 
header.a=rsa-sha256\n header.s=google header.b=kp9fsaUz;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org\n (client-ip=209.51.188.17; helo=lists.gnu.org;\n envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org;\n receiver=patchwork.ozlabs.org)"],"Received":["from lists.gnu.org (lists.gnu.org [209.51.188.17])\n\t(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fgD6Z4KNXz1y1G\n\tfor <incoming@patchwork.ozlabs.org>; Wed, 25 Mar 2026 02:12:22 +1100 (AEDT)","from localhost ([::1] helo=lists1p.gnu.org)\n\tby lists.gnu.org with esmtp (Exim 4.90_1)\n\t(envelope-from <qemu-devel-bounces@nongnu.org>)\n\tid 1w53Pi-0000g7-3I; Tue, 24 Mar 2026 11:11:26 -0400","from eggs.gnu.org ([2001:470:142:3::10])\n by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)\n (Exim 4.90_1) (envelope-from <peter.maydell@linaro.org>)\n id 1w53Pb-0000cV-Te\n for qemu-devel@nongnu.org; Tue, 24 Mar 2026 11:11:20 -0400","from mail-wr1-x432.google.com ([2a00:1450:4864:20::432])\n by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)\n (Exim 4.90_1) (envelope-from <peter.maydell@linaro.org>)\n id 1w53Pa-0005Br-7Z\n for qemu-devel@nongnu.org; Tue, 24 Mar 2026 11:11:19 -0400","by mail-wr1-x432.google.com with SMTP id\n ffacd0b85a97d-439d8dc4ae4so4843272f8f.2\n for <qemu-devel@nongnu.org>; Tue, 24 Mar 2026 08:11:17 -0700 (PDT)","from lanath.. (wildly.archaic.org.uk. 
[81.2.115.145])\n by smtp.gmail.com with ESMTPSA id\n ffacd0b85a97d-43b64717e97sm40781916f8f.35.2026.03.24.08.11.14\n for <qemu-devel@nongnu.org>\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Tue, 24 Mar 2026 08:11:14 -0700 (PDT)"],"DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=linaro.org; s=google; t=1774365077; x=1774969877; darn=nongnu.org;\n h=content-transfer-encoding:mime-version:references:in-reply-to\n :message-id:date:subject:to:from:from:to:cc:subject:date:message-id\n :reply-to; bh=IKbUTaFOqvDJxELefvnhulrQMMYMDi7DhugEoR6vIwo=;\n b=kp9fsaUzPTH2ItGY5PUOzW5T0uYrfRSLBTJdlhhOoL81d6IRQ8QztT84qvsY0rsymo\n jD00NIzxfNEkX/ZkTbEa5bF8GYWn338HkSD4KGrjyzSEzb1jLZFHWZdm7hy9n8W2o8Nx\n 9BWrKxHUbRPZ/r3/J1j1dS5GmFYYYHebJzssPv5vwvTQ642Mz8LRw5lEyju12Vb0DHCl\n 0VHl5jdg3rIitDZR7yyNZMtNqkO6rL4yTQezj4/wxiGDCDuEKgPgvo5tgSZt9gqjq936\n 9E3cnchLthkFARLbLMdy0lwj8GSFJ5nUawLtL/T+3AQdXA8Gm0hcU3xrvTR2VGSgPmy6\n E1ng==","X-Google-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20251104; t=1774365077; x=1774969877;\n h=content-transfer-encoding:mime-version:references:in-reply-to\n :message-id:date:subject:to:from:x-gm-gg:x-gm-message-state:from:to\n :cc:subject:date:message-id:reply-to;\n bh=IKbUTaFOqvDJxELefvnhulrQMMYMDi7DhugEoR6vIwo=;\n b=GDaaC2Qj6wQOSlgPzVINL2R+lFxYN0ATql85acwBhxvbpBzsmuFSegjY5TXIwhXV50\n jN9HPgirt+yQz1f3I8NrBrk/zfq+JoKD4jogQfXESOmkla21TKrPQJJirOZVOrBrcaDl\n yaEXuxYmeoBFmp2NI0OCRSm9GKiZ2D8CRdIvgjDdlqkvg5JHDe3m76zAtLtUU5xeayGw\n kZPNBdLW7Dn8v8K5Nuylq6xfTJPo1v9wHUJq2wfU8K5ephqTBAxmEgjChN+ES/T2BdJA\n 2ACEPwnrDDnhRQ53vtcmuNozcroGusXNzGucQdf4q+0b1jOLZtuGDxV6LRFNUj40eCTY\n LGdA==","X-Gm-Message-State":"AOJu0YwCP5qGMEA1TP52rR05J5W9HX9nVe6jRBJL7R7UDEx9E8PHi5cC\n NKtenvHC3AwZeke8sQdlLSnOsdfZrxt3E0iXm78AL4McSP9IJbovOqOHyCitPS7m3E3kF7xjOgL\n UD8AP46g=","X-Gm-Gg":"ATEYQzxGSiK7rrTWlSKH5+7AtKnpwMZ523/Lmu6r+nYuFdnwmcU7tGhS/HoiqYCWzmg\n yqsjQ6Dnd5ss1rd4M5lo1CDmFkAzxDdmWYts9CuFwsxQxIRXFoxS9CxIx2kL3JAof1fXDQWxmYT\n 
cXG7/xl0d3kMclFfBBcu39jfFifOkhWHnNDzLX/GyojIHa5NvX4szxiYDAznA8jpmCqBgBIfX9i\n L0uj/tGY9K5oRwbd7VJJ9cV1QjJY6ELkPTNF7zfaVZ/L055aatgBdxrSR9hRCcZavLSG9T2Qls+\n 1D3+XBX3c7IxXQgEhpTOnl9aZrsy+bEY9uaDkwUlX7wOsamJEwVnoIIET0GYRJI+fCRT9lXe/XP\n +6sWVnk6zmyQh2EmUmu/EAZshUGlKaaCZBb80TbtjlhSLjh8pjiby4d5ZxLA6/byg32/YEY3j/A\n MkDfcxvvaUPeAokHegGoY5OSxjsAorqX+02ivpdwDWg/vm6mXAR6C+O/LK5bOIfOvJzn6yxBuf9\n RF6DF9PPJbRsjybwZj20imi/tNHprM=","X-Received":"by 2002:a05:6000:310d:b0:43b:3b80:6776 with SMTP id\n ffacd0b85a97d-43b64262ebbmr26034105f8f.30.1774365076416;\n Tue, 24 Mar 2026 08:11:16 -0700 (PDT)","From":"Peter Maydell <peter.maydell@linaro.org>","To":"qemu-devel@nongnu.org","Subject":"[PULL 02/11] linux-user/i386/signal.c: Correct definition of\n target_fpstate_32","Date":"Tue, 24 Mar 2026 15:11:02 +0000","Message-ID":"<20260324151111.237411-3-peter.maydell@linaro.org>","X-Mailer":"git-send-email 2.43.0","In-Reply-To":"<20260324151111.237411-1-peter.maydell@linaro.org>","References":"<20260324151111.237411-1-peter.maydell@linaro.org>","MIME-Version":"1.0","Content-Transfer-Encoding":"8bit","Received-SPF":"pass client-ip=2a00:1450:4864:20::432;\n envelope-from=peter.maydell@linaro.org; helo=mail-wr1-x432.google.com","X-Spam_score_int":"-20","X-Spam_score":"-2.1","X-Spam_bar":"--","X-Spam_report":"(-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,\n DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,\n RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,\n SPF_PASS=-0.001 autolearn=ham autolearn_force=no","X-Spam_action":"no action","X-BeenThere":"qemu-devel@nongnu.org","X-Mailman-Version":"2.1.29","Precedence":"list","List-Id":"qemu development <qemu-devel.nongnu.org>","List-Unsubscribe":"<https://lists.nongnu.org/mailman/options/qemu-devel>,\n 
<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>","List-Archive":"<https://lists.nongnu.org/archive/html/qemu-devel>","List-Post":"<mailto:qemu-devel@nongnu.org>","List-Help":"<mailto:qemu-devel-request@nongnu.org?subject=help>","List-Subscribe":"<https://lists.nongnu.org/mailman/listinfo/qemu-devel>,\n <mailto:qemu-devel-request@nongnu.org?subject=subscribe>","Errors-To":"qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org","Sender":"qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org"},"content":"Our definition of the target_fpstate_32 struct doesn't match the\nkernel's version.  We only use this struct definition in the\ndefinition of 'struct sigframe', where it is used in a field that is\npresent only for legacy reasons to retain the offset of the following\n'extramask' field.  So really all that matters is its length, and we\ndo get that right; but our previous definition using\nX86LegacyXSaveArea implicitly added an extra alignment constraint\n(because X86LegacyXSaveArea is tagged as 16-aligned) which the real\ntarget_fpstate_32 does not have.  
Because we allocate and use a\n'struct sigframe' on the guest's stack with the guest's alignment\nrequirements, this resulted in the undefined-behaviour sanitizer\ncomplaining during 'make check-tcg' for i386-linux-user:\n\n../../linux-user/i386/signal.c:471:35: runtime error: member access within misaligned address 0x1000c07f75ec for type 'struct sigframe', which requires 16 byte alignment\n0x1000c07f75ec: note: pointer points here\n  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00\n              ^\n\n../../linux-user/i386/signal.c:808:5: runtime error: member access within misaligned address 0x1000c07f75f4 for type 'struct target_sigcontext_32', which requires 8 byte alignment\n0x1000c07f75f4: note: pointer points here\n  0a 00 00 00 33 00 00 00  00 00 00 00 2b 00 00 00  2b 00 00 00 40 05 80 40  f4 7f 10 08 58 05 80 40\n              ^\n\nand various similar errors.\n\nReplace the use of X86LegacyXSaveArea with a set of fields that match\nthe kernel _fpstate_32 struct, and assert that the length is correct.\nWe could equally have used\n   uint8_t legacy_area[512];\nbut following the kernel is probably less confusing overall.\n\nSince in target/i386/cpu.h we assert that X86LegacyXSaveArea is 512\nbytes, and in linux-user/i386/signal.c we assert that\ntarget_fregs_state is (32 + 80) bytes, the new assertion confirms\nthat we didn't change the size of target_fpstate_32 here, only its\nalignment requirements.\n\nCc: qemu-stable@nongnu.org\nSigned-off-by: Peter Maydell <peter.maydell@linaro.org>\nReviewed-by: Richard Henderson <richard.henderson@linaro.org>\nMessage-id: 20260305161739.1775232-1-peter.maydell@linaro.org\n---\n linux-user/i386/signal.c | 25 ++++++++++++++++++++++++-\n 1 file changed, 24 insertions(+), 1 deletion(-)","diff":"diff --git a/linux-user/i386/signal.c b/linux-user/i386/signal.c\nindex 0f11dba831..b646fde431 100644\n--- a/linux-user/i386/signal.c\n+++ b/linux-user/i386/signal.c\n@@ -60,10 +60,33 
@@ struct target_fpx_sw_bytes {\n };\n QEMU_BUILD_BUG_ON(sizeof(struct target_fpx_sw_bytes) != 12*4);\n \n+struct fpxreg {\n+    uint16_t significand[4];\n+    uint16_t exponent;\n+    uint16_t padding[3];\n+};\n+\n+struct xmmreg {\n+    uint32_t element[4];\n+};\n+\n+/*\n+ * This corresponds to the kernel's _fpstate_32. Since we\n+ * only use it for the fpstate_unused padding section in\n+ * the target sigcontext, it doesn't actually matter what fields\n+ * we define here as long as we get the size right.\n+ */\n struct target_fpstate_32 {\n     struct target_fregs_state fpstate;\n-    X86LegacyXSaveArea fxstate;\n+    uint32_t fxsr_env[6];\n+    uint32_t mxcsr;\n+    uint32_t reserved;\n+    struct fpxreg fxsr_st[8];\n+    struct xmmreg xmm[8];\n+    uint32_t padding1[44];\n+    uint32_t padding2[12]; /* aka sw_reserved */\n };\n+QEMU_BUILD_BUG_ON(sizeof(struct target_fpstate_32) != 32 + 80 + 512);\n \n struct target_sigcontext_32 {\n     uint16_t gs, __gsh;\n","prefixes":["PULL","02/11"]}
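Review bot: the new comment above `struct target_fpstate_32` says that only the size matters, but the commit message identifies the bug as the 16-byte alignment the old `X86LegacyXSaveArea fxstate;` member imposed, and the `QEMU_BUILD_BUG_ON(sizeof(struct target_fpstate_32) != 32 + 80 + 512);` that follows the struct checks size only, so a later change that reintroduces an over-aligned member would pass it unnoticed. Suggest stating in the comment that the struct must not carry an alignment stricter than the sigframe it lives in, and pairing the size check with an alignment one next to it, e.g. `QEMU_BUILD_BUG_ON(__alignof__(struct target_fpstate_32) > 4);`. Minor: `struct fpxreg` and `struct xmmreg` are the only types in this block without the `target_` prefix that `target_fpx_sw_bytes`, `target_fregs_state` and `target_sigcontext_32` use; `target_fpxreg` and `target_xmmreg` would match the file's convention.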
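An added example, not QEMU code, to make the commit message's point concrete: a struct's alignment requirement is the largest of its members' requirements, so one 16-byte-aligned member silently over-aligns the containing struct while a sizeof-only build assertion still passes, and UBSan then rejects the struct when it is placed at a guest stack address that is only 4-byte aligned. The type and function names here (aligned_fxsave_area, fpstate32_before, fpstate32_after, frame_misaligned) are hypothetical stand-ins, and fregs_state reproduces only the 32 + 80 byte size of target_fregs_state, not its real fields.

```c
/*
 * Added example (not QEMU code): why swapping a 16-byte-aligned member
 * for plain 4-byte fields changes alignof() but not sizeof(), and why a
 * sizeof-only build assertion cannot tell the two layouts apart.
 */
#include <stdalign.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Stand-in (assumption) for a 512-byte fxsave area that carries a 16-byte
 * alignment attribute, as the commit message says X86LegacyXSaveArea does. */
typedef struct {
    uint8_t bytes[512];
} __attribute__((aligned(16))) aligned_fxsave_area;

/* Stand-in for target_fregs_state: only the 32 + 80 byte size is modelled. */
struct fregs_state {
    uint32_t env[8];
    uint8_t st[80];
};

/* "Before": the fxstate member drags a 16-byte alignment into the whole struct. */
struct fpstate32_before {
    struct fregs_state fpstate;
    aligned_fxsave_area fxstate;
};

/* "After": the same 512 bytes laid out as the kernel's _fpstate_32 is, with
 * no member aligned to more than 4 bytes (field list copied from the patch). */
struct fpxreg { uint16_t significand[4]; uint16_t exponent; uint16_t padding[3]; };
struct xmmreg { uint32_t element[4]; };

struct fpstate32_after {
    struct fregs_state fpstate;
    uint32_t fxsr_env[6];
    uint32_t mxcsr;
    uint32_t reserved;
    struct fpxreg fxsr_st[8];
    struct xmmreg xmm[8];
    uint32_t padding1[44];
    uint32_t padding2[12];
};

/* A size assertion is satisfied by both layouts ... */
_Static_assert(sizeof(struct fpstate32_before) == 32 + 80 + 512, "before size");
_Static_assert(sizeof(struct fpstate32_after) == 32 + 80 + 512, "after size");
/* ... only an alignment assertion distinguishes them. */
_Static_assert(alignof(struct fpstate32_after) <= 4, "alignment leaked in");

size_t before_size(void)  { return sizeof(struct fpstate32_before); }
size_t after_size(void)   { return sizeof(struct fpstate32_after); }
size_t before_align(void) { return alignof(struct fpstate32_before); }
size_t after_align(void)  { return alignof(struct fpstate32_after); }

/* Mirrors the UBSan complaint: is a frame of the given alignment requirement
 * placed at guest_sp a misaligned object? */
int frame_misaligned(uint64_t guest_sp, size_t required_align)
{
    return (guest_sp % required_align) != 0;
}

int main(void)
{
    /* Address taken from the UBSan report in the commit message. */
    uint64_t sp = 0x1000c07f75ecULL;
    printf("before: size %zu align %zu misaligned=%d\n", before_size(),
           before_align(), frame_misaligned(sp, before_align()));
    printf("after:  size %zu align %zu misaligned=%d\n", after_size(),
           after_align(), frame_misaligned(sp, after_align()));
    return 0;
}
```

Both layouts are 624 bytes, which is why the patch's QEMU_BUILD_BUG_ON on sizeof passes before and after; only the alignment requirement drops from 16 to 4, and 0x1000c07f75ec is a multiple of 4 but not of 16, which is exactly the misalignment UBSan reported.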