<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
It was a good article.<br>
<br>
I concur that system integrity can definitely be violated. I did a
quick example of an array overflow. (see the code at the end of
this post) I ran it on a Spartan FPGA and it printed all 12
characters without a problem. From what I can tell looking at the
disassembled code, the RISC5 compiler does not add "run time
checking." <br>
<br>
Dave<br>
<br>
<div class="moz-cite-prefix">On 5/14/2015 6:00 AM,
<a class="moz-txt-link-abbreviated" href="mailto:oberon-request@lists.inf.ethz.ch">oberon-request@lists.inf.ethz.ch</a> wrote:<br>
</div>
<blockquote
cite="mid:mailman.27.1431597605.24712.oberon@lists.inf.ethz.ch"
type="cite">
<pre wrap="">------------------------------
Message: 4
Date: Wed, 13 May 2015 19:47:49 +0200
From: Michael Schierl <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:schierlm@gmx.de"><schierlm@gmx.de></a>
Subject: Re: [Oberon] FPGA Oberon Article in Xilinx Xcell Journal
(Issue 91)
To: <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:oberon@lists.inf.ethz.ch">oberon@lists.inf.ethz.ch</a>
Message-ID: <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:55538E45.5020303@gmx.de"><55538E45.5020303@gmx.de></a>
Content-Type: text/plain; charset=windows-1252
Am 13.05.2015 um 15:15 schrieb Srinivas Nayak:
</pre>
<blockquote type="cite" style="color: #000000;">
<pre wrap=""><span class="moz-txt-citetags">> </span>Good to see the article.
<span class="moz-txt-citetags">> </span>Here is the pdf.
<span class="moz-txt-citetags">> </span><a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="http://www.xilinx.com/publications/archives/xcell/Xcell91.pdf">www.xilinx.com/publications/archives/xcell/Xcell91.pdf</a>
</pre>
</blockquote>
<pre wrap="">Quoted from the article:
"In fact, system integrity can be violated only by the use of operations
in the pseudo-module SYSTEM, namely PUT and COPY"
That's wishful thinking... System integrity can easily be violated by
accessing uninitialized variables on the stack (it is left as an
exercise to the reader to abuse this for implementing SYSTEM.PUT for the
RISC processor in pure Oberon without importing the SYSTEM module). And
there is no easy way of fixing this that does not impact performance
(like initializing all variables on the stack), as the Oberon language
neither has a notion of uninitialized variables, nor of "out" parameters.
I think the bug in System.Clear that sometimes overwrites some random
piece of memory due to accessing an uninitialized pointer has not been
fixed yet in the source published on Project Oberon, either.
But apart from that, I like the article, too <span class="moz-smiley-s1" title=":)"><span>:)</span></span>
Regards,
Michael
</pre>
</blockquote>
<br>
<br>
<small>=================================================================================================<br>
Source:<br>
<br>
(* Overflow.Mod<br>
* <br>
* (c) SkuTek Instrumentation<br>
* D. Hunter<br>
* This program tests if array bounds checking is done<br>
* Versions:<br>
* 0.1 05/14/15 DH - initial version<br>
*)<br>
<br>
MODULE* Overflow; (* embedded module *)<br>
IMPORT SYSTEM;<br>
<br>
CONST<br>
(* ASCII characters *)<br>
LF = 0AX;<br>
CR = 0DX; (* CR / LF characters *)<br>
SPC = 20X; (* space character *)<br>
PRMPT = 23X; (* prompt character = # *)<br>
DOT = 2EX; (* period or decimal point *)<br>
<br>
(* I/O addresses at top of memory map, <br>
NOTE: the values need to be negative to generate the
correct instructions *)<br>
UDATA = -56; (* UART data *)<br>
USTAT = -52; (* UART status *)<br>
<br>
(* UART status flags *)<br>
RXF = 0; (* receive ready flag is in bit 0
*)<br>
TXF = 1; (* transmit ready flag is in bit 1
*)<br>
<br>
(* test parameters *)<br>
SIZE = 10; (* array size *)<br>
STOP = 12; (* stop index *)<br>
<br>
<br>
VAR<br>
i : INTEGER;<br>
test: ARRAY SIZE OF CHAR;<br>
(* ========================================= *)<br>
(* UART transmit procedures *)<br>
<br>
(* send a character to the UART <br>
NOTE: the extra time converting to a set helps slow down<br>
the polling, which is desired with such a fast processor
*)<br>
PROCEDURE PutChar(c: CHAR); <br>
VAR <br>
s: SET; (* status bit field *) <br>
stat: INTEGER; (* integer status *)<br>
BEGIN<br>
REPEAT (* wait for a transmitter ready
*)<br>
SYSTEM.GET(USTAT,stat); (* get UART status *)<br>
s := SYSTEM.VAL(SET,stat) (* convert to set *)<br>
UNTIL (TXF IN s); (* loop until transmit ready is
set *) <br>
<br>
SYSTEM.PUT(UDATA,ORD(c)) (* send character *)<br>
END PutChar;<br>
<br>
(* ========================================= *)<br>
(* send a CR/LF to the UART *)<br>
PROCEDURE WriteLn; <br>
BEGIN<br>
PutChar(CR);<br>
PutChar(LF)<br>
END WriteLn; <br>
<br>
(* main program *)<br>
<br>
BEGIN<br>
REPEAT<br>
LED(0);<br>
PutChar(PRMPT); PutChar(SPC); <br>
FOR i := 0 TO STOP DO;<br>
test[i] := CHR(41H + i); (* store character
into the array *)<br>
PutChar(test[i]) <br>
END;<br>
PutChar(DOT); WriteLn;<br>
LED(2);<br>
FOR i := 0 TO 100000 DO; (* pause *)<br>
END;<br>
UNTIL FALSE;<br>
<br>
END Overflow.<br>
<br>
=================================================================================================<br>
Compiled code with Oberon module added:<br>
<br>
ORTool 29.10.2014<br>
decode Overflow.rsc<br>
Overflow E9D4E4B5 0 340<br>
imports:<br>
type descriptors<br>
<br>
data 16<br>
strings<br>
<br>
code<br>
0 E7000021 B 33 ; branch start<br>
1 00000000 MOV R0 R0 R0<br>
2 00000000 MOV R0 R0 R0<br>
3 00000000 MOV R0 R0 R0<br>
4 00000000 MOV R0 R0 R0<br>
5 00000000 MOV R0 R0 R0<br>
6 00000000 MOV R0 R0 R0<br>
7 00000000 MOV R0 R0 R0<br>
8 4EE90010 SUB SP SP 16 PROCEDURE
PutChar(c); <br>
9 AFE00000 STR LNK SP 0 BEGIN<br>
10 A0E00004 STR R0 SP 4 [ save c
on stack ]<br>
11 5000FFCC MOV R0 R0 -52 REPEAT<br>
12 80000000 LDR R0 R0 0
SYSTEM.GET(USTAT,stat);<br>
13 A0E0000C STR R0 SP 12 <br>
14 80E0000C LDR R0 SP 12<br>
15 A0E00008 STR R0 SP 8 s :=
SYSTEM.VAL(SET, stat)<br>
16 80E00008 LDR R0 SP 8 <br>
17 40030002 ROR R0 R0 2<br>
18 E8FFFFF8 BPL -8 UNTIL (TXF
in s);<br>
19 90E00004 LDR R0 SP 4<br>
20 5100FFC8 MOV R1 R0 -56<br>
21 A0100000 STR R0 R1 0
SYSTEM.PUT(UDATA,ORD(c))<br>
22 8FE00000 LDR LNK SP 0<br>
23 4EE80010 ADD SP SP 16<br>
24 C700000F B LNK END PutChar;<br>
25 4EE90004 SUB SP SP 4 PROCEDURE WriteLn;<br>
26 AFE00000 STR LNK SP 0 BEGIN<br>
27 4000000D MOV R0 R0 13<br>
28 F7FFFFEB BL -21 PutChar(CR);<br>
29 4000000A MOV R0 R0 10<br>
30 F7FFFFE9 BL -23 PutChar(LF);<br>
31 8FE00000 LDR LNK SP 0 <br>
32 4EE80004 ADD SP SP 4<br>
33 C700000F B LNK END WriteLn;<br>
34 4D000010 MOV SB R0 16 Entry: set SB =
16<br>
35 4E008000 MOV SP R0 -32768 set SP =
8000H<br>
36 40000000 MOV R0 R0 0 BEGIN REPEAT<br>
37 5100FFC4 MOV R1 R0 -60<br>
38 A0100000 STR R0 R1 0 LED(0);<br>
39 40000023 MOV R0 R0 35<br>
40 F7FFFFDF BL -33
PutChar(PRMPT);<br>
41 40000020 MOV R0 R0 32<br>
42 F7FFFFDD BL -35
PutChar(SPC);<br>
43 40000000 MOV R0 R0 0 FOR i := 0
TO STOP DO;<br>
44 4109000C SUB R1 R0 12<br>
45 EE00000E BGT 14<br>
46 A0D00000 STR R0 SB 0<br>
47 80D00000 LDR R0 SB 0<br>
48 00D80000 ADD R0 SB R0<br>
49 41000041 MOV R1 R0 65 <br>
50 82D00000 LDR R2 SB 0<br>
51 01180002 ADD R1 R1 R2<br>
52 B1000004 STR R1 R0 4 test[i]
:= CHR(41H + 1);<br>
53 80D00000 LDR R0 SB 0<br>
54 00D80000 ADD R0 SB R0<br>
55 90000004 LDR R0 R0 4 <br>
56 F7FFFFCF BL -49
PutChar(test[i]);<br>
57 80D00000 LDR R0 SB 0<br>
58 40080001 ADD R0 R0 1<br>
59 E7FFFFF0 B -16 END;<br>
60 4000002E MOV R0 R0 46<br>
61 F7FFFFCA BL -54
PutChar(DOT);<br>
62 F7FFFFDA BL -38 WriteLn;<br>
63 40000002 MOV R0 R0 2<br>
64 5100FFC4 MOV R1 R0 -60<br>
65 A0100000 STR R0 R1 0 LED(2);<br>
66 40000000 MOV R0 R0 0 FOR i := 0
TO 100000 DO;<br>
67 61000001 MOV' R1 R0 1<br>
68 411686A0 IOR R1 R1 -31072<br>
69 01090001 SUB R1 R0 R1<br>
70 EE000004 BGT 4<br>
71 A0D00000 STR R0 SB 0<br>
72 80D00000 LDR R0 SB 0<br>
73 40080001 ADD R0 R0 1<br>
74 E7FFFFF8 B -8 END;<br>
75 E7FFFFD8 B -40 UNTIL FALSE;<br>
76 40000000 MOV R0 R0 0<br>
77 C7000000 B R0 Branch to 00000H
[never executed]</small><br>
<br /><br />
<hr style='border:none; color:#909090; background-color:#B0B0B0; height: 1px; width: 99%;' />
<table style='border-collapse:collapse;border:none;'>
<tr>
<td style='border:none;padding:0px 15px 0px 8px'>
<a href="http://www.avast.com/">
<img border=0 src="http://static.avast.com/emails/avast-mail-stamp.png" />
</a>
</td>
<td>
<p style='color:#3d4d5a; font-family:"Calibri","Verdana","Arial","Helvetica"; font-size:12pt;'>
This email has been checked for viruses by Avast antivirus software.
<br><a href="http://www.avast.com/">www.avast.com</a>
</p>
</td>
</tr>
</table>
<br />
</body>
</html>