| Message ID | 20230606171629.98157-1-richard.henderson@linaro.org |
|---|---|
| State | Accepted |
| Commit | c0dde5fc5ccce56b69095bc29af72987efd65d1e |
| Headers | show |
| Series | accel/tcg: Fix undefined shift in store_whole_le16 | expand |
On Tue, 6 Jun 2023 at 18:16, Richard Henderson <richard.henderson@linaro.org> wrote: > > The computation is documented as unused in this case, > but triggers an ubsan error: > > ../accel/tcg/ldst_atomicity.c.inc:837:33: runtime error: shift exponent -32 is negative > SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../accel/tcg/ldst_atomicity.c.inc:837:33 in > > Signed-off-by: Richard Henderson <richard.henderson@linaro.org> > --- > > Hi Peter. Found this while merge testing FEAT_LSE. > Clearly my bug, which I ought to have found earlier. > > > r~ > > --- > accel/tcg/ldst_atomicity.c.inc | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/accel/tcg/ldst_atomicity.c.inc b/accel/tcg/ldst_atomicity.c.inc > index 2514899408..de70531a7a 100644 > --- a/accel/tcg/ldst_atomicity.c.inc > +++ b/accel/tcg/ldst_atomicity.c.inc > @@ -833,7 +833,9 @@ static uint64_t store_whole_le16(void *pv, int size, Int128 val_le) > } > store_atom_insert_al16(pv - o, v, m); > > - /* Unused if sz <= 64. */ > + if (sz <= 64) { > + return 0; > + } > return int128_gethi(val_le) >> (sz - 64); > } Reviewed-by: Peter Maydell <peter.maydell@linaro.org> thanks -- PMM
diff --git a/accel/tcg/ldst_atomicity.c.inc b/accel/tcg/ldst_atomicity.c.inc index 2514899408..de70531a7a 100644 --- a/accel/tcg/ldst_atomicity.c.inc +++ b/accel/tcg/ldst_atomicity.c.inc @@ -833,7 +833,9 @@ static uint64_t store_whole_le16(void *pv, int size, Int128 val_le) } store_atom_insert_al16(pv - o, v, m); - /* Unused if sz <= 64. */ + if (sz <= 64) { + return 0; + } return int128_gethi(val_le) >> (sz - 64); }
The computation is documented as unused in this case, but triggers an ubsan error: ../accel/tcg/ldst_atomicity.c.inc:837:33: runtime error: shift exponent -32 is negative SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../accel/tcg/ldst_atomicity.c.inc:837:33 in Signed-off-by: Richard Henderson <richard.henderson@linaro.org> --- Hi Peter. Found this while merge testing FEAT_LSE. Clearly my bug, which I ought to have found earlier. r~ --- accel/tcg/ldst_atomicity.c.inc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)