The previous formuation with multiple assignments to __typeof(*hptr) falls
down when hptr is qualified const. E.g. with const struct S *p, p->f is
also qualified const.
With this formulation, there's no assignment to any local variable.
Signed-off-by: Richard Henderson <r...@twiddle.net>
---
linux-user/qemu.h | 67 ++++++++++++++++++++++++++++++-------------------------
1 file changed, 37 insertions(+), 30 deletions(-)
diff --git a/linux-user/qemu.h b/linux-user/qemu.h
index 5e53dca..bf0c911 100644
--- a/linux-user/qemu.h
+++ b/linux-user/qemu.h
@@ -287,36 +287,43 @@ static inline int access_ok(int type, abi_ulong addr,
abi_ulong size)
(type == VERIFY_READ) ? PAGE_READ : (PAGE_READ |
PAGE_WRITE)) == 0;
}
-/* NOTE __get_user and __put_user use host pointers and don't check access. */
-/* These are usually used to access struct data members once the
- * struct has been locked - usually with lock_user_struct().
- */
-#define __put_user(x, hptr)\
-({ __typeof(*hptr) pu_ = (x);\
- switch(sizeof(*hptr)) {\
- case 1: break;\
- case 2: pu_ = tswap16(pu_); break; \
- case 4: pu_ = tswap32(pu_); break; \
- case 8: pu_ = tswap64(pu_); break; \
- default: abort();\
- }\
- memcpy(hptr, &pu_, sizeof(pu_)); \
- 0;\
-})
-
-#define __get_user(x, hptr) \
-({ __typeof(*hptr) gu_; \
- memcpy(&gu_, hptr, sizeof(gu_)); \
- switch(sizeof(*hptr)) {\
- case 1: break; \
- case 2: gu_ = tswap16(gu_); break; \
- case 4: gu_ = tswap32(gu_); break; \
- case 8: gu_ = tswap64(gu_); break; \
- default: abort();\
- }\
- (x) = gu_; \
- 0;\
-})
+/* NOTE __get_user and __put_user use host pointers and don't check access.
+ These are usually used to access struct data members once the struct has
+ been locked - usually with lock_user_struct. */
+
+/* Tricky points:
+ - Use __builtin_choose_expr to avoid type promotion from ?:,
+ - Invalid sizes result in a "invalid use of void expression" error,
+ stemming from the fact that the return type of abort is void.
+ - While we eliminate byte stores with the "true" part of the first
+ choose, the "false" part of the first choose must remain valid
+ to avoid tripping over the "invalid use" error above. Thus the
+ use of <= 2 to keep byte stores syntactically ok in the discarded
+ expression. */
+
+#define __put_user(x, hptr) \
+(__builtin_choose_expr(sizeof(*(hptr)) == 1, *(hptr) = (uint8_t)(x), \
+ __builtin_choose_expr(sizeof(*(hptr)) <= 2, unaligned_w16, \
+ __builtin_choose_expr(sizeof(*(hptr)) == 4, unaligned_w32, \
+ __builtin_choose_expr(sizeof(*(hptr)) == 8, unaligned_w64, abort))) \
+ ((hptr), \
+ __builtin_choose_expr(sizeof(*(hptr)) <= 2, tswap16((uint16_t)(x)), \
+ __builtin_choose_expr(sizeof(*(hptr)) == 4, tswap32((uint32_t)(x)), \
+ __builtin_choose_expr(sizeof(*(hptr)) == 8, tswap64((uint64_t)(x)), \
+ abort()))))), \
+ 0)
+
+#define __get_user(x, hptr) \
+((x) = \
+ __builtin_choose_expr(sizeof(*(hptr)) == 1, *(hptr), \
+ __builtin_choose_expr(sizeof(*(hptr)) == 2, \
+ (typeof(*(hptr)))tswap16(unaligned_r16(hptr)), \
+ __builtin_choose_expr(sizeof(*(hptr)) == 4, \
+ (typeof(*(hptr)))tswap32(unaligned_r32(hptr)), \
+ __builtin_choose_expr(sizeof(*(hptr)) == 8, \
+ (typeof(*(hptr)))tswap64(unaligned_r64(hptr)), \
+ abort())))), \
+ 0)
/* put_user()/get_user() take a guest address and check access */
/* These are usually used to access an atomic data type, such as an int,
--
1.7.11.7
