hw/ppc/ppc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
The current way the mask is built can overflow with a 64-bit decrementer.
Use sextract64() instead.
Cc: Luis Fernando Fujita Pires <luis.pires@eldorado.org.br>
Fixes: a8dafa525181 ("target/ppc: Implement large decrementer support for TCG")
Signed-off-by: Cédric Le Goater <clg@kaod.org>
---
v2: replaced MAKE_64BIT_MASK by sextract64
hw/ppc/ppc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/ppc/ppc.c b/hw/ppc/ppc.c
index 7375bf4fa910..4f14464c9220 100644
--- a/hw/ppc/ppc.c
+++ b/hw/ppc/ppc.c
@@ -876,7 +876,7 @@ static void __cpu_ppc_store_decr(PowerPCCPU *cpu, uint64_t *nextp,
bool negative;
/* Truncate value to decr_width and sign extend for simplicity */
- value &= ((1ULL << nr_bits) - 1);
+ value = sextract64(value, 0, nr_bits);
negative = !!(value & (1ULL << (nr_bits - 1)));
if (negative) {
value |= (0xFFFFFFFFULL << nr_bits);
--
2.31.1
On Tue, 14 Sept 2021 at 09:56, Cédric Le Goater <clg@kaod.org> wrote: > > The current way the mask is built can overflow with a 64-bit decrementer. > Use sextract64() instead. > > Cc: Luis Fernando Fujita Pires <luis.pires@eldorado.org.br> > Fixes: a8dafa525181 ("target/ppc: Implement large decrementer support for TCG") > Signed-off-by: Cédric Le Goater <clg@kaod.org> > --- > > v2: replaced MAKE_64BIT_MASK by sextract64 > > hw/ppc/ppc.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/hw/ppc/ppc.c b/hw/ppc/ppc.c > index 7375bf4fa910..4f14464c9220 100644 > --- a/hw/ppc/ppc.c > +++ b/hw/ppc/ppc.c > @@ -876,7 +876,7 @@ static void __cpu_ppc_store_decr(PowerPCCPU *cpu, uint64_t *nextp, > bool negative; > > /* Truncate value to decr_width and sign extend for simplicity */ > - value &= ((1ULL << nr_bits) - 1); > + value = sextract64(value, 0, nr_bits); > negative = !!(value & (1ULL << (nr_bits - 1))); > if (negative) { > value |= (0xFFFFFFFFULL << nr_bits); I think these lines that say "if negative then force all the high bits to one" are also no longer required. That is, this entire section of code: value &= ((1ULL << nr_bits) - 1); negative = !!(value & (1ULL << (nr_bits - 1))); if (negative) { value |= (0xFFFFFFFFULL << nr_bits); } is an open-coded sign-extension, which can all be replaced with the single line value = sextract64(value, 0, nr_bits); (and also: if nr_bits is 64 then the "<< nr_bits" is undefined behaviour.) thanks -- PMM
On 9/14/21 11:19 AM, Peter Maydell wrote: > On Tue, 14 Sept 2021 at 09:56, Cédric Le Goater <clg@kaod.org> wrote: >> >> The current way the mask is built can overflow with a 64-bit decrementer. >> Use sextract64() instead. >> >> Cc: Luis Fernando Fujita Pires <luis.pires@eldorado.org.br> >> Fixes: a8dafa525181 ("target/ppc: Implement large decrementer support for TCG") >> Signed-off-by: Cédric Le Goater <clg@kaod.org> >> --- >> >> v2: replaced MAKE_64BIT_MASK by sextract64 >> >> hw/ppc/ppc.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/hw/ppc/ppc.c b/hw/ppc/ppc.c >> index 7375bf4fa910..4f14464c9220 100644 >> --- a/hw/ppc/ppc.c >> +++ b/hw/ppc/ppc.c >> @@ -876,7 +876,7 @@ static void __cpu_ppc_store_decr(PowerPCCPU *cpu, uint64_t *nextp, >> bool negative; >> >> /* Truncate value to decr_width and sign extend for simplicity */ >> - value &= ((1ULL << nr_bits) - 1); >> + value = sextract64(value, 0, nr_bits); >> negative = !!(value & (1ULL << (nr_bits - 1))); >> if (negative) { >> value |= (0xFFFFFFFFULL << nr_bits); > > I think these lines that say "if negative then force all the > high bits to one" are also no longer required. That is, this > entire section of code: > value &= ((1ULL << nr_bits) - 1); > negative = !!(value & (1ULL << (nr_bits - 1))); > if (negative) { > value |= (0xFFFFFFFFULL << nr_bits); > } > > is an open-coded sign-extension, which can all be replaced with > the single line > value = sextract64(value, 0, nr_bits); 'negative' is used for more tests afterwards but you are right. I will respin with more changes. I am reluctant in changing too much because this is common code for PPC32 and PPC64. But, hey, I will do my best with the images I have. > (and also: if nr_bits is 64 then the "<< nr_bits" > is undefined behaviour.) That's the initial issue raised by the new little PPC FPGA softcore called microwatt as it's using a 64bit decrementer. Thanks, C. > > thanks > -- PMM >
On Tue, 14 Sept 2021 at 10:47, Cédric Le Goater <clg@kaod.org> wrote: > > On 9/14/21 11:19 AM, Peter Maydell wrote: > > On Tue, 14 Sept 2021 at 09:56, Cédric Le Goater <clg@kaod.org> wrote: > >> > >> The current way the mask is built can overflow with a 64-bit decrementer. > >> Use sextract64() instead. > >> > >> Cc: Luis Fernando Fujita Pires <luis.pires@eldorado.org.br> > >> Fixes: a8dafa525181 ("target/ppc: Implement large decrementer support for TCG") > >> Signed-off-by: Cédric Le Goater <clg@kaod.org> > >> --- > >> > >> v2: replaced MAKE_64BIT_MASK by sextract64 > >> > >> hw/ppc/ppc.c | 2 +- > >> 1 file changed, 1 insertion(+), 1 deletion(-) > >> > >> diff --git a/hw/ppc/ppc.c b/hw/ppc/ppc.c > >> index 7375bf4fa910..4f14464c9220 100644 > >> --- a/hw/ppc/ppc.c > >> +++ b/hw/ppc/ppc.c > >> @@ -876,7 +876,7 @@ static void __cpu_ppc_store_decr(PowerPCCPU *cpu, uint64_t *nextp, > >> bool negative; > >> > >> /* Truncate value to decr_width and sign extend for simplicity */ > >> - value &= ((1ULL << nr_bits) - 1); > >> + value = sextract64(value, 0, nr_bits); > >> negative = !!(value & (1ULL << (nr_bits - 1))); > >> if (negative) { > >> value |= (0xFFFFFFFFULL << nr_bits); > > > > I think these lines that say "if negative then force all the > > high bits to one" are also no longer required. That is, this > > entire section of code: > > value &= ((1ULL << nr_bits) - 1); > > negative = !!(value & (1ULL << (nr_bits - 1))); > > if (negative) { > > value |= (0xFFFFFFFFULL << nr_bits); > > } > > > > is an open-coded sign-extension, which can all be replaced with > > the single line > > value = sextract64(value, 0, nr_bits); > > 'negative' is used for more tests afterwards but you are right. I will respin > with more changes. After the sign-extension you can set 'negative' with negative = ((target_long)value) < 0; PS: passing a negative value into muldiv64() to set the next timer event (as the existing code does in some cases) seems a bit odd; this probably ends up with an arithmetic overflow and setting the next timeout to something unintended. But that's a separate issue from the bug you're dealing with here. -- PMM
On 9/14/21 2:47 AM, Cédric Le Goater wrote: > On 9/14/21 11:19 AM, Peter Maydell wrote: >>> /* Truncate value to decr_width and sign extend for simplicity */ >>> - value &= ((1ULL << nr_bits) - 1); >>> + value = sextract64(value, 0, nr_bits); >>> negative = !!(value & (1ULL << (nr_bits - 1))); >>> if (negative) { >>> value |= (0xFFFFFFFFULL << nr_bits); >> >> I think these lines that say "if negative then force all the >> high bits to one" are also no longer required. That is, this >> entire section of code: >> value &= ((1ULL << nr_bits) - 1); >> negative = !!(value & (1ULL << (nr_bits - 1))); >> if (negative) { >> value |= (0xFFFFFFFFULL << nr_bits); >> } >> >> is an open-coded sign-extension, which can all be replaced with >> the single line >> value = sextract64(value, 0, nr_bits); > > 'negative' is used for more tests afterwards but you are right. I will respin > with more changes. After the sign-extension, negative needs no complicated expression. value = sextract64(value, 0, nr_bits); negative = (target_long)value < 0; r~
On 9/14/21 3:21 PM, Richard Henderson wrote: > On 9/14/21 2:47 AM, Cédric Le Goater wrote: >> On 9/14/21 11:19 AM, Peter Maydell wrote: >>>> /* Truncate value to decr_width and sign extend for simplicity */ >>>> - value &= ((1ULL << nr_bits) - 1); >>>> + value = sextract64(value, 0, nr_bits); >>>> negative = !!(value & (1ULL << (nr_bits - 1))); >>>> if (negative) { >>>> value |= (0xFFFFFFFFULL << nr_bits); >>> >>> I think these lines that say "if negative then force all the >>> high bits to one" are also no longer required. That is, this >>> entire section of code: >>> value &= ((1ULL << nr_bits) - 1); >>> negative = !!(value & (1ULL << (nr_bits - 1))); >>> if (negative) { >>> value |= (0xFFFFFFFFULL << nr_bits); >>> } >>> >>> is an open-coded sign-extension, which can all be replaced with >>> the single line >>> value = sextract64(value, 0, nr_bits); >> >> 'negative' is used for more tests afterwards but you are right. I will respin >> with more changes. > > After the sign-extension, negative needs no complicated expression. > > value = sextract64(value, 0, nr_bits); > negative = (target_long)value < 0; Yes. I was wondering about the 'target_ulong' type used for the value and decr variables. The code has below : ... if ((value < 3) || ... and then another sign calculation on a target_ulong ... && !(decr & (1ULL << (nr_bits - 1))))) { ... We should introduce intermediate 'int64_t' variables to extract the sign values from the target_ulong. That would be cleaner. Thanks, C.
On 9/14/21 6:43 AM, Cédric Le Goater wrote: > and then another sign calculation on a target_ulong > > ... > && !(decr & (1ULL << (nr_bits - 1))))) { I was wondering if that was supposed to be an unsigned test for a "small" value (i.e. decr < MAKE_64BIT_MASK(0, nr_bits)? Certainly decr should never be negative, since the decrementer never increments, and I can't figure out what it's supposed to mean otherwise. > We should introduce intermediate 'int64_t' variables to extract the > sign values from the target_ulong. That would be cleaner. Yes it would. The underflow test becomes easier for certain. r~
© 2016 - 2024 Red Hat, Inc.