Peter Maydell <[email protected]> writes:
> On Mon, 23 Nov 2020 at 13:41, Alex Bennée <[email protected]> wrote:
>>
>>
>> Peter Maydell <[email protected]> writes:
>>
>> > In the vCont packet, two of the command actions (C and S) take an
>> > argument specifying the signal to be sent to the process/thread, which is
>> > sent as an ASCII string of two hex digits which immediately follow the
>> > 'C' or 'S' character.
>> >
>> > Our code for parsing this packet accidentally skipped the first of the
>> > two bytes of the signal value, because it started parsing the hex string
>> > at 'p + 1' when the preceding code had already moved past the 'C' or
>> > 'S' with "cur_action = *p++".
>> >
>> > This meant that we would only do the right thing for signals below
>> > 10, and would misinterpret the rest. For instance, when the debugger
>> > wants to send the process a SIGPROF (27 on x86-64) we mangle this into
>> > a SIGSEGV (11).
>> >
>> > Remove the accidental double increment.
>> >
>> > Fixes: https://bugs.launchpad.net/qemu/+bug/1773743
>> > Signed-off-by: Peter Maydell <[email protected]>
>>
>> LGTM
>>
>> Reviewed-by: Alex Bennée <[email protected]>
>>
>> > ---
>> > Haven't really given this enough testing to want to put it into 5.2,
>> > I think (though it does fix the repro in the bug report).
>> > The bug has been present since commit 544177ad1cfd78 from 2017.
>>
>> I'd be happy including it. I don't have any gdbstub patches queued at
>> the moment but I could put together one if you want or you could just
>> include it directly if you are now happy to.
>
> Now that 6.0 has opened up, I'll put this in via target-arm.next
> unless you'd prefer to take it.

Go for it, I have nothing else at the moment.

>
> -- PMM

-- 
Alex Bennée
