Re: [Qemu-devel] [PATCH 06/11] target/arm: Fix sign-extension in sve do_ldr/do_str

From: Laurent Desnogues <laurent.desnogues@gmail.com>
To: Richard Henderson <richard.henderson@linaro.org>
Cc: "qemu-devel@nongnu.org" <qemu-devel@nongnu.org>,
	"Peter Maydell" <peter.maydell@linaro.org>,
	"Alex Bennée" <alex.bennee@linaro.org>,
	qemu-stable@nongnu.org
Subject: Re: [Qemu-devel] [PATCH 06/11] target/arm: Fix sign-extension in sve do_ldr/do_str
Date: Thu, 9 Aug 2018 07:28:20 +0200	[thread overview]
Message-ID: <CABoDooPoFa1+UHHOwN+9DJrG7k=88sio6EFL+-Hz0tX1cLfyCg@mail.gmail.com> (raw)
In-Reply-To: <20180809034033.10579-7-richard.henderson@linaro.org>

On Thu, Aug 9, 2018 at 5:40 AM, Richard Henderson
<richard.henderson@linaro.org> wrote:
> The expression (int) imm + (uint32_t) len_align turns into uint32_t
> and thus with negative imm produces a memory operation at the wrong
> offset.  None of the numbers involved are particularly large, so
> change everything to use int.
>
> Cc: qemu-stable@nongnu.org (3.0.1)
> Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Tested-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>

Laurent

> ---
>  target/arm/translate-sve.c | 18 ++++++++----------
>  1 file changed, 8 insertions(+), 10 deletions(-)
>
> diff --git a/target/arm/translate-sve.c b/target/arm/translate-sve.c
> index 89efc80ee7..9e63b5f8e5 100644
> --- a/target/arm/translate-sve.c
> +++ b/target/arm/translate-sve.c
> @@ -4372,12 +4372,11 @@ static bool trans_UCVTF_dd(DisasContext *s, arg_rpr_esz *a, uint32_t insn)
>   * The load should begin at the address Rn + IMM.
>   */
>
> -static void do_ldr(DisasContext *s, uint32_t vofs, uint32_t len,
> -                   int rn, int imm)
> +static void do_ldr(DisasContext *s, uint32_t vofs, int len, int rn, int imm)
>  {
> -    uint32_t len_align = QEMU_ALIGN_DOWN(len, 8);
> -    uint32_t len_remain = len % 8;
> -    uint32_t nparts = len / 8 + ctpop8(len_remain);
> +    int len_align = QEMU_ALIGN_DOWN(len, 8);
> +    int len_remain = len % 8;
> +    int nparts = len / 8 + ctpop8(len_remain);
>      int midx = get_mem_index(s);
>      TCGv_i64 addr, t0, t1;
>
> @@ -4458,12 +4457,11 @@ static void do_ldr(DisasContext *s, uint32_t vofs, uint32_t len,
>  }
>
>  /* Similarly for stores.  */
> -static void do_str(DisasContext *s, uint32_t vofs, uint32_t len,
> -                   int rn, int imm)
> +static void do_str(DisasContext *s, uint32_t vofs, int len, int rn, int imm)
>  {
> -    uint32_t len_align = QEMU_ALIGN_DOWN(len, 8);
> -    uint32_t len_remain = len % 8;
> -    uint32_t nparts = len / 8 + ctpop8(len_remain);
> +    int len_align = QEMU_ALIGN_DOWN(len, 8);
> +    int len_remain = len % 8;
> +    int nparts = len / 8 + ctpop8(len_remain);
>      int midx = get_mem_index(s);
>      TCGv_i64 addr, t0;
>
> --
> 2.17.1
>