|
From: | Richard Henderson |
Subject: | Re: [PULL 02/60] semihosting: Return failure from softmmu-uaccess.h functions |
Date: | Fri, 29 Jul 2022 08:53:59 -0700 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.11.0 |
On 7/29/22 07:31, Peter Maydell wrote:
On Tue, 28 Jun 2022 at 05:54, Richard Henderson <richard.henderson@linaro.org> wrote:We were reporting unconditional success for these functions; pass on any failure from cpu_memory_rw_debug. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>So, this commit makes us check the cpu_memory_rw_debug() return value in the softmmu_lock_user() function; but Coverity points out (CID 1490294) that we still aren't checking the return value from when we call it in softmmu_unlock_user()... What, if anything, should we do about that? In particular, I think that for semihosting calls that write to guest memory, if the guest passes us a pointer to read-only memory we're not going to find out about that until unlock time.
Not even then, because address_space_write_rom will in fact write to rom, nevermind virtual page permissions. Moreover, there are no failure conditions from address_space_write_rom. It skips non-{ram,rom} and always returns OK.
It's probable that we should be using cpu_memory_rw_debug at all, but should be using a higher-level interface, something that (1) checks the virtual page permissions and (2) probably rejects semihosting to mmio.
But in the short term, I think we can just ignore the warning. r~
[Prev in Thread] | Current Thread | [Next in Thread] |