On 9/13/21 6:27 PM, Cédric Le Goater wrote:
> The current way the mask is built can overflow with a 64-bit decrementer.
> Use MAKE_64BIT_MASK instead.
>
> Fixes: a8dafa525181 ("target/ppc: Implement large decrementer support for
> TCG")
> Signed-off-by: Cédric Le Goater <c...@kaod.org>
> ---
>
> This was found with the QEMU Microwatt machine which uses a 64bit
> decrementer. Here is an experimental tree:
>
> https://github.com/legoater/qemu/tree/microwatt
>
> hw/ppc/ppc.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/ppc/ppc.c b/hw/ppc/ppc.c
> index 7375bf4fa910..a86125c50ff9 100644
> --- a/hw/ppc/ppc.c
> +++ b/hw/ppc/ppc.c
> @@ -876,7 +876,7 @@ static void __cpu_ppc_store_decr(PowerPCCPU *cpu,
> uint64_t *nextp,
> bool negative;
>
> /* Truncate value to decr_width and sign extend for simplicity */
> - value &= ((1ULL << nr_bits) - 1);
> + value &= MAKE_64BIT_MASK(0, nr_bits);
What about:
value = extract64(value, 0, nr_bits);
if (value != sextract64(value, 0, nr_bits)) { ...
> negative = !!(value & (1ULL << (nr_bits - 1)));
> if (negative) {
> value |= (0xFFFFFFFFULL << nr_bits);
>
