[2/3] exec.c: Don't accidentally sign-extend 4-byte loads in subpage_read()

Message ID 20180611171007.4165-3-peter.maydell@linaro.org
State Superseded
Headers show
Series
  • Add ldn_*_p() and stn_*_p() and use them in exec.c
Related show

Commit Message

Peter Maydell June 11, 2018, 5:10 p.m.
In subpage_read() we perform a load of the data into a local buffer
which we then access using ldub_p(), lduw_p(), ldl_p() or ldq_p()
depending on its size, storing the result into the uint64_t *data.
Since ldl_p() returns an 'int', this means that for the 4-byte
case we will sign-extend the data, whereas for 1 and 2 byte
reads we zero-extend it.

This ought not to matter since the caller will likely ignore values in
the high bytes of the data, but add a cast so that we're consistent.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

---
 exec.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

-- 
2.17.1

Comments

Richard Henderson June 12, 2018, 8:58 p.m. | #1
On 06/11/2018 07:10 AM, Peter Maydell wrote:
> In subpage_read() we perform a load of the data into a local buffer

> which we then access using ldub_p(), lduw_p(), ldl_p() or ldq_p()

> depending on its size, storing the result into the uint64_t *data.

> Since ldl_p() returns an 'int', this means that for the 4-byte

> case we will sign-extend the data, whereas for 1 and 2 byte

> reads we zero-extend it.

> 

> This ought not to matter since the caller will likely ignore values in

> the high bytes of the data, but add a cast so that we're consistent.

> 

> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

> ---


Reviewed-by: Richard Henderson <richard.henderson@linaro.org>



r~

Patch

diff --git a/exec.c b/exec.c
index 9cbba6adcd3..90b47cde7b1 100644
--- a/exec.c
+++ b/exec.c
@@ -2747,7 +2747,7 @@  static MemTxResult subpage_read(void *opaque, hwaddr addr, uint64_t *data,
         *data = lduw_p(buf);
         return MEMTX_OK;
     case 4:
-        *data = ldl_p(buf);
+        *data = (uint32_t)ldl_p(buf);
         return MEMTX_OK;
     case 8:
         *data = ldq_p(buf);