[PATCH] target/mips: fix TLB huge page check to use 64-bit shift

gerben@altlinux.org posted 1 patch 3 months, 3 weeks ago
Patches applied successfully.
git fetch https://github.com/patchew-project/qemu tags/patchew/20250722101816.16528-1-gerben@altlinux.org
Maintainers: "Philippe Mathieu-Daudé" <philmd@linaro.org>, Aurelien Jarno <aurelien@aurel32.net>, Jiaxun Yang <jiaxun.yang@flygoat.com>, Aleksandar Rikalo <arikalo@gmail.com>
target/mips/tcg/system/tlb_helper.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[PATCH] target/mips: fix TLB huge page check to use 64-bit shift
Posted by gerben@altlinux.org 3 months, 3 weeks ago
From: Denis Rastyogin <gerben@altlinux.org>

Use 1ULL << psn to ensure the shift is done in 64-bit arithmetic,
avoiding overflow for large psn values. The 6-bit psn field allows
values up to 63, so a 64-bit shift is required for correctness.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Signed-off-by: Denis Rastyogin <gerben@altlinux.org>
---
 target/mips/tcg/system/tlb_helper.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/target/mips/tcg/system/tlb_helper.c b/target/mips/tcg/system/tlb_helper.c
index eccaf3624c..b8b8747064 100644
--- a/target/mips/tcg/system/tlb_helper.c
+++ b/target/mips/tcg/system/tlb_helper.c
@@ -652,7 +652,7 @@ static int walk_directory(CPUMIPSState *env, uint64_t *vaddr,
         return 0;
     }
 
-    if ((entry & (1 << psn)) && hugepg) {
+    if ((entry & (1ULL << psn)) && hugepg) {
         *huge_page = true;
         *hgpg_directory_hit = true;
         entry = get_tlb_entry_layout(env, entry, leaf_mop, pf_ptew);
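Review bot: the widened constant is the right fix for the range the commit message gives: with `psn` able to reach 63, `(1 << psn)` shifts an `int` constant, which is undefined once `psn` reaches the operand width (and already for the sign bit of a signed `int`), so the old test could silently check the wrong bit instead of failing loudly. Since this is the only changed line, the suggested `extract64(entry, psn, 1)` would express the same test without a width-dependent literal; either way, a short comment noting that `psn` comes from a 6-bit field would document why the 64-bit width matters.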
-- 
2.42.2
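The shift-width issue described in the commit message, as an added C example that is not QEMU's code: `my_extract64()` is a local re-implementation with the same contract as QEMU's `extract64()` (value, start bit, length), `huge_page_bit_set()` is the repaired test written in that form, and the two `*_shift_defined()` helpers count how many of the 64 possible `psn` values each operand width can handle without undefined behaviour. The directory entry values used are constructed samples.

```c
/* Added example (not QEMU source): why `1 << psn` is unsafe for a 6-bit psn
 * field and how the 64-bit forms avoid the problem. */
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Local re-implementation with the same contract as QEMU's extract64()
 * (include/qemu/bitops.h): return `length` bits of `value` starting at
 * bit `start`, shifted down to bit 0. Defined here so the file is
 * self-contained; it is not the project's own code. */
static inline uint64_t my_extract64(uint64_t value, int start, int length)
{
    /* (1ULL << 64) would itself be undefined, so clamp the mask for length 64 */
    uint64_t mask = (length >= 64) ? ~0ULL : ((1ULL << length) - 1);
    return (value >> start) & mask;
}

/* The check the patch repairs, written in extract64() style: is the bit
 * selected by the 6-bit psn field (0..63) set in the directory entry?
 * Values outside the field cannot come from 6 bits; treat them as "not set". */
static bool huge_page_bit_set(uint64_t entry, unsigned psn)
{
    if (psn > 63) {
        return false;
    }
    return my_extract64(entry, (int)psn, 1) != 0;
}

/* Is `1 << psn` well defined in C? The literal 1 is an int, so the shift is
 * only defined for 0 <= psn < width(int), and because int is signed the
 * result must stay representable, which excludes the sign bit as well. */
static bool int_shift_defined(int psn)
{
    int width = (int)(sizeof(int) * CHAR_BIT);
    return psn >= 0 && psn < width - 1;
}

/* Same question for `1ULL << psn`: unsigned long long is at least 64 bits,
 * so every value a 6-bit field can hold is a legal shift count. */
static bool ull_shift_defined(int psn)
{
    int width = (int)(sizeof(unsigned long long) * CHAR_BIT);
    return psn >= 0 && psn < width;
}

/* Count how many of the 64 possible psn values a given form handles safely. */
static int count_defined(bool (*pred)(int))
{
    int n = 0;
    for (int psn = 0; psn < 64; psn++) {
        if (pred(psn)) {
            n++;
        }
    }
    return n;
}

int main(void)
{
    /* Constructed sample entry with only bit 45 set. */
    uint64_t entry = (uint64_t)1 << 45;

    printf("psn values safe with 1 << psn:    %d of 64\n",
           count_defined(int_shift_defined));
    printf("psn values safe with 1ULL << psn: %d of 64\n",
           count_defined(ull_shift_defined));
    printf("bit 45 set in sample entry: %s\n",
           huge_page_bit_set(entry, 45) ? "yes" : "no");
    return 0;
}
```

On a typical host with a 32-bit `int`, the first count is 31 (psn 0..30) and the second is 64, which is the whole range the commit message says the field can hold.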
Re: [PATCH] target/mips: fix TLB huge page check to use 64-bit shift
Posted by Philippe Mathieu-Daudé 3 months, 3 weeks ago
Hi Denis,

On 22/7/25 12:17, gerben@altlinux.org wrote:
> From: Denis Rastyogin <gerben@altlinux.org>
> 
> Use 1ULL << psn to ensure the shift is done in 64-bit arithmetic,
> avoiding overflow for large psn values. The 6-bit psn field allows
> values up to 63, so a 64-bit shift is required for correctness.

If you are really worried about that, please use the simpler
extract64() method instead; it is much clearer to understand
when reviewing than (unsigned long long) casts.

> 
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
> 
> Signed-off-by: Denis Rastyogin <gerben@altlinux.org>
> ---
>   target/mips/tcg/system/tlb_helper.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/target/mips/tcg/system/tlb_helper.c b/target/mips/tcg/system/tlb_helper.c
> index eccaf3624c..b8b8747064 100644
> --- a/target/mips/tcg/system/tlb_helper.c
> +++ b/target/mips/tcg/system/tlb_helper.c
> @@ -652,7 +652,7 @@ static int walk_directory(CPUMIPSState *env, uint64_t *vaddr,
>           return 0;
>       }
>   
> -    if ((entry & (1 << psn)) && hugepg) {
> +    if ((entry & (1ULL << psn)) && hugepg) {
>           *huge_page = true;
>           *hgpg_directory_hit = true;
>           entry = get_tlb_entry_layout(env, entry, leaf_mop, pf_ptew);
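Review bot: the `+` line as posted is correct, but it relies on the reader knowing that `unsigned long long` is wide enough for a shift count of 63; the `extract64(entry, psn, 1)` form proposed above makes the 64-bit width explicit through its `uint64_t` parameter and reads as a bit extraction rather than a cast-and-mask, so a v2 with that form and the same commit message would be easier to review.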