aboutsummaryrefslogtreecommitdiff
path: root/tests/tcg/aarch64
diff options
context:
space:
mode:
authorRichard Henderson <richard.henderson@linaro.org>2021-06-12 12:57:07 -0700
committerPeter Maydell <peter.maydell@linaro.org>2021-06-16 14:33:51 +0100
commitd3327a38cda104dd292105b6b9d140f2158209f9 (patch)
tree5c45b533a29c26ab25ddc0f611e901e73d37ed21 /tests/tcg/aarch64
parenta25c84c7e0ac00c026afa28fbbfa044e12fe0b1a (diff)
downloadqemu-d3327a38cda104dd292105b6b9d140f2158209f9.zip
qemu-d3327a38cda104dd292105b6b9d140f2158209f9.tar.gz
qemu-d3327a38cda104dd292105b6b9d140f2158209f9.tar.bz2
target/arm: Fix mte page crossing test
The test was off-by-one, because tag_last points to the last byte of the tag to check, thus tag_last - prev_page will equal TARGET_PAGE_SIZE when we use the first byte of the next page. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/403 Reported-by: Peter Collingbourne <pcc@google.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20210612195707.840217-1-richard.henderson@linaro.org Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Diffstat (limited to 'tests/tcg/aarch64')
-rw-r--r--tests/tcg/aarch64/Makefile.target2
-rw-r--r--tests/tcg/aarch64/mte-7.c31
2 files changed, 32 insertions, 1 deletions
diff --git a/tests/tcg/aarch64/Makefile.target b/tests/tcg/aarch64/Makefile.target
index 928357b..2c05c90 100644
--- a/tests/tcg/aarch64/Makefile.target
+++ b/tests/tcg/aarch64/Makefile.target
@@ -37,7 +37,7 @@ AARCH64_TESTS += bti-2
# MTE Tests
ifneq ($(DOCKER_IMAGE)$(CROSS_CC_HAS_ARMV8_MTE),)
-AARCH64_TESTS += mte-1 mte-2 mte-3 mte-4 mte-5 mte-6
+AARCH64_TESTS += mte-1 mte-2 mte-3 mte-4 mte-5 mte-6 mte-7
mte-%: CFLAGS += -march=armv8.5-a+memtag
endif
diff --git a/tests/tcg/aarch64/mte-7.c b/tests/tcg/aarch64/mte-7.c
new file mode 100644
index 0000000..a981de6
--- /dev/null
+++ b/tests/tcg/aarch64/mte-7.c
@@ -0,0 +1,31 @@
+/*
+ * Memory tagging, unaligned access crossing pages.
+ * https://gitlab.com/qemu-project/qemu/-/issues/403
+ *
+ * Copyright (c) 2021 Linaro Ltd
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "mte.h"
+
+int main(int ac, char **av)
+{
+ void *p;
+
+ enable_mte(PR_MTE_TCF_SYNC);
+ p = alloc_mte_mem(2 * 0x1000);
+
+ /* Tag the pointer. */
+ p = (void *)((unsigned long)p | (1ul << 56));
+
+ /* Store tag in sequential granules. */
+ asm("stg %0, [%0]" : : "r"(p + 0x0ff0));
+ asm("stg %0, [%0]" : : "r"(p + 0x1000));
+
+ /*
+ * Perform an unaligned store with tag 1 crossing the pages.
+ * Failure dies with SIGSEGV.
+ */
+ asm("str %0, [%0]" : : "r"(p + 0x0ffc));
+ return 0;
+}