From patchwork Thu Aug 1 14:23:20 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 1967689 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=Ekt+TZyK; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=patchwork.ozlabs.org) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4WZWSL0sLgz1ybX for ; Fri, 2 Aug 2024 00:24:34 +1000 (AEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sZWiJ-0004os-G0; Thu, 01 Aug 2024 10:23:31 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sZWiH-0004fI-8d for qemu-devel@nongnu.org; Thu, 01 Aug 2024 10:23:29 -0400 Received: from mail-wm1-x32a.google.com ([2a00:1450:4864:20::32a]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sZWiE-0002e7-TV for qemu-devel@nongnu.org; Thu, 01 Aug 2024 10:23:29 -0400 Received: by mail-wm1-x32a.google.com with SMTP id 5b1f17b1804b1-4266dc7591fso44145315e9.0 for ; Thu, 01 Aug 2024 07:23:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722522205; x=1723127005; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=I/6CNtfkx/vK3/2m6asJcZw+ghBegtW4R7IRgfjVD4E=; b=Ekt+TZyKTOh3e8Uk9xh9H2AcTuFpJ/5cKnknWiK2iJb3sNz2A0l2pWvR89kOX6rSNs ssgJlAA0IWJ6iMAjHmfzjiTJsQOMkO0UOk7P/KhLQXZhGfQLnDnMPr/hMG2LDmQDttGH Gc4UXkdIcMh7/c3wAo+MUI+rMhLtj1piidd3vmECDfY50csWe6ek5mDcHYGgmfNWgB7z n5dI8E4i0I5it71Fyb0VhpAFtF7M1F6/Jz+lG4Q4JBKqxSZkPMp0g5Ke2Be9nWkbYUGX FRArZDF5yjOetvGb8JzylITzHSCJRBLJ5a+BJW/sneUtFJvCEbafRHaXE+z497eH+ZW8 404w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722522205; x=1723127005; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=I/6CNtfkx/vK3/2m6asJcZw+ghBegtW4R7IRgfjVD4E=; b=LYRoIgxzk6Q4quLVGyz1QFme9GPK+iIJ+cWVNOkxJr9Y1oDfTnvp5EB2TW7idpe4Ct PUkYVja77B18/+U8u8tNTIZpMkziGbOM14uShmyFKFMBOdt2BfKE7Gz5gwbUj4vS70MG a12cKj+j/ybh+3L5PuwhvPJXgxJQYLSpNgiz1aNZPHc+yqzNzRZxwgd61YMD27JU4Bxs xMm0PEUr662MYw+mW7LhNIHkphcrEszeYzCgmwmfq+CWcWvqsHIxecaw6Im3ib8Dx0Ah 6XPKwcnqyVLkCG07cYlUer5zY97nd/0gGKt8y6tFBZGoF4ZdL1VtFRGcfvFcChVJHfjT D8yA== X-Gm-Message-State: AOJu0YxhwXiiZrGRkfXHE1RTdJjjEdL0u1+hi5Nz/dhNqbsEyMZtpsnR bMP7VxIp0AnypfRCQaFEFh3MIeq20C/nXHYPOLQl1OllmSYppqHVkXTAweCRfwgQWoU/o+JKN5Q R X-Google-Smtp-Source: AGHT+IGxHDXVNERd/qiwsLBtD0aEPlVLnxfuSvl3OsVlnfkTXpLlg+KhXmsyIRK1t35Wf6k4jtrHSw== X-Received: by 2002:a05:600c:524f:b0:428:17b6:bcf1 with SMTP id 5b1f17b1804b1-428e6b0a2bcmr300065e9.22.1722522205173; Thu, 01 Aug 2024 07:23:25 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-428e08012d7sm29657435e9.22.2024.08.01.07.23.24 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 01 Aug 2024 07:23:24 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 2/4] accel/kvm/kvm-all: Fixes the missing break in vCPU unpark logic Date: Thu, 1 Aug 2024 15:23:20 +0100 Message-Id: <20240801142322.3948866-3-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240801142322.3948866-1-peter.maydell@linaro.org> References: <20240801142322.3948866-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::32a; envelope-from=peter.maydell@linaro.org; helo=mail-wm1-x32a.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org From: Salil Mehta Loop should exit prematurely on successfully finding out the parked vCPU (struct KVMParkedVcpu) in the 'struct KVMState' maintained 'kvm_parked_vcpus' list of parked vCPUs. Fixes: Coverity CID 1558552 Fixes: 08c3286822 ("accel/kvm: Extract common KVM vCPU {creation,parking} code") Reported-by: Peter Maydell Signed-off-by: Salil Mehta Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Gavin Shan Reviewed-by: Zhao Liu Reviewed-by: Igor Mammedov Message-id: 20240725145132.99355-1-salil.mehta@huawei.com Suggested-by: Peter Maydell Message-ID: Signed-off-by: Salil Mehta Signed-off-by: Peter Maydell --- accel/kvm/kvm-all.c | 1 + 1 file changed, 1 insertion(+) diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c index e1d13863063..75d11a07b2b 100644 --- a/accel/kvm/kvm-all.c +++ b/accel/kvm/kvm-all.c @@ -362,6 +362,7 @@ int kvm_unpark_vcpu(KVMState *s, unsigned long vcpu_id) QLIST_REMOVE(cpu, node); kvm_fd = cpu->kvm_fd; g_free(cpu); + break; } } From patchwork Thu Aug 1 14:23:21 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 1967687 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=LLi6/PqJ; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=patchwork.ozlabs.org) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4WZWS31cbPz1ydw for ; Fri, 2 Aug 2024 00:24:19 +1000 (AEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sZWiI-0004ko-JT; Thu, 01 Aug 2024 10:23:30 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sZWiH-0004hn-Ru for qemu-devel@nongnu.org; Thu, 01 Aug 2024 10:23:29 -0400 Received: from mail-wm1-x329.google.com ([2a00:1450:4864:20::329]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sZWiF-0002eI-C6 for qemu-devel@nongnu.org; Thu, 01 Aug 2024 10:23:29 -0400 Received: by mail-wm1-x329.google.com with SMTP id 5b1f17b1804b1-428243f928fso35057655e9.0 for ; Thu, 01 Aug 2024 07:23:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722522206; x=1723127006; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=z0Rcx78XVil5biE/RI1myOYEZI1VSLw6RG7NHHvURqE=; b=LLi6/PqJ/qf0nTxA32ZhGZAya06+F94xeT+AfYudrDyCk+I9XVbn1EOTKoDngvg0e9 d+fxT5CdYn/5rUK7gls1I3LZMkEAYBRol0VkeX423yb4abEQgngJytyPiNdEwWDlmJIO cW/dX87G4YqUjrCRkQ+HLjm7ZV3ErshEFSGm9NyE1CpElhlU+WtS9M9rc7CIoaaaMsPE m8guJRN5En/VzDfDccWqxlMVhAXDBOek2B9+WHkluw0gnfeBB967dcPwLEKETiKPaG2S RUhT3d43sWqzhXYRDYndFgsoCv82Qocint+Nv3kqDzc1Kpdx1hnotdJckcLQ4ZI4gD+t K+LQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722522206; x=1723127006; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=z0Rcx78XVil5biE/RI1myOYEZI1VSLw6RG7NHHvURqE=; b=mCqSfdBRBl4UBSe0jbSeOq7d1pDYZeMI2vsW+XJbzzA6hWB45kr2lJL33wJ6ofogGv eY31jgI8vPTR+YvQzCizC/NkI696mwfQzNLXqIlxgQV7dn2g1ROFKVK+5cymvV3xKMG+ IYRfgesHZsWt2IBvHUac0KG6Bp/xMnnhwcNJG2BLRoporGoAylLihTDkWjwo1fblJHcV Nh378EimIXNnfCk1f93gOJD3Zdt5HMUg0EVKfZS7YBK/Fdh7/MLKMrSBG8DY7W2uIPO2 vp4Z+znpak/7+H4UceQNcQujNXvTDQIAUm4eD48N38XPm6GgPB9SEwlU9pGEpiZjGpjh l3Yw== X-Gm-Message-State: AOJu0YwlU72fPPFZi+n274SlEfQopTKCsTVNkynuNoLYZyFLecvSIBqF O+SWrshhAymjEBLQDU+zOSlBNS6eCNNU/LNwp1jNca0bxsUAUj5jIl4xv9+1rMmp/WRZcAqRXLP h X-Google-Smtp-Source: AGHT+IFIomiJV9BHIOyA0hIlgZjzPLbP2eJu3c4lTlUKXqDmg7vRtbdTvHuTKKHyzPZuCPQZDPiilA== X-Received: by 2002:a05:600c:19d4:b0:426:690d:d5b7 with SMTP id 5b1f17b1804b1-428e6b7e95fmr153595e9.25.1722522205659; Thu, 01 Aug 2024 07:23:25 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-428e08012d7sm29657435e9.22.2024.08.01.07.23.25 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 01 Aug 2024 07:23:25 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 3/4] target/arm: Handle denormals correctly for FMOPA (widening) Date: Thu, 1 Aug 2024 15:23:21 +0100 Message-Id: <20240801142322.3948866-4-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240801142322.3948866-1-peter.maydell@linaro.org> References: <20240801142322.3948866-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::329; envelope-from=peter.maydell@linaro.org; helo=mail-wm1-x329.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org The FMOPA (widening) SME instruction takes pairs of half-precision floating point values, widens them to single-precision, does a two-way dot product and accumulates the results into a single-precision destination. We don't quite correctly handle the FPCR bits FZ and FZ16 which control flushing of denormal inputs and outputs. This is because at the moment we pass a single float_status value to the helper function, which then uses that configuration for all the fp operations it does. However, because the inputs to this operation are float16 and the outputs are float32 we need to use the fp_status_f16 for the float16 input widening but the normal fp_status for everything else. Otherwise we will apply the flushing control FPCR.FZ16 to the 32-bit output rather than the FPCR.FZ control, and incorrectly flush a denormal output to zero when we should not (or vice-versa). (In commit 207d30b5fdb5b we tried to fix the FZ handling but didn't get it right, switching from "use FPCR.FZ for everything" to "use FPCR.FZ16 for everything".) Pass the CPU env to the sme_fmopa_h helper instead of an fp_status pointer, and have the helper pass an extra fp_status into the f16_dotadd() function so that we can use the right status for the right parts of this operation. Cc: qemu-stable@nongnu.org Fixes: 207d30b5fdb5 ("target/arm: Use FPST_F16 for SME FMOPA (widening)") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2373 Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson --- target/arm/tcg/helper-sme.h | 2 +- target/arm/tcg/sme_helper.c | 39 +++++++++++++++++++++++----------- target/arm/tcg/translate-sme.c | 25 ++++++++++++++++++++-- 3 files changed, 51 insertions(+), 15 deletions(-) diff --git a/target/arm/tcg/helper-sme.h b/target/arm/tcg/helper-sme.h index 27eef49a11e..d22bf9d21b0 100644 --- a/target/arm/tcg/helper-sme.h +++ b/target/arm/tcg/helper-sme.h @@ -121,7 +121,7 @@ DEF_HELPER_FLAGS_5(sme_addha_d, TCG_CALL_NO_RWG, void, ptr, ptr, ptr, ptr, i32) DEF_HELPER_FLAGS_5(sme_addva_d, TCG_CALL_NO_RWG, void, ptr, ptr, ptr, ptr, i32) DEF_HELPER_FLAGS_7(sme_fmopa_h, TCG_CALL_NO_RWG, - void, ptr, ptr, ptr, ptr, ptr, ptr, i32) + void, ptr, ptr, ptr, ptr, ptr, env, i32) DEF_HELPER_FLAGS_7(sme_fmopa_s, TCG_CALL_NO_RWG, void, ptr, ptr, ptr, ptr, ptr, ptr, i32) DEF_HELPER_FLAGS_7(sme_fmopa_d, TCG_CALL_NO_RWG, diff --git a/target/arm/tcg/sme_helper.c b/target/arm/tcg/sme_helper.c index 3ba826a6ceb..02106809ce1 100644 --- a/target/arm/tcg/sme_helper.c +++ b/target/arm/tcg/sme_helper.c @@ -992,12 +992,23 @@ static inline uint32_t f16mop_adj_pair(uint32_t pair, uint32_t pg, uint32_t neg) } static float32 f16_dotadd(float32 sum, uint32_t e1, uint32_t e2, - float_status *s_std, float_status *s_odd) + float_status *s_f16, float_status *s_std, + float_status *s_odd) { - float64 e1r = float16_to_float64(e1 & 0xffff, true, s_std); - float64 e1c = float16_to_float64(e1 >> 16, true, s_std); - float64 e2r = float16_to_float64(e2 & 0xffff, true, s_std); - float64 e2c = float16_to_float64(e2 >> 16, true, s_std); + /* + * We need three different float_status for different parts of this + * operation: + * - the input conversion of the float16 values must use the + * f16-specific float_status, so that the FPCR.FZ16 control is applied + * - operations on float32 including the final accumulation must use + * the normal float_status, so that FPCR.FZ is applied + * - we have pre-set-up copy of s_std which is set to round-to-odd, + * for the multiply (see below) + */ + float64 e1r = float16_to_float64(e1 & 0xffff, true, s_f16); + float64 e1c = float16_to_float64(e1 >> 16, true, s_f16); + float64 e2r = float16_to_float64(e2 & 0xffff, true, s_f16); + float64 e2c = float16_to_float64(e2 >> 16, true, s_f16); float64 t64; float32 t32; @@ -1019,20 +1030,23 @@ static float32 f16_dotadd(float32 sum, uint32_t e1, uint32_t e2, } void HELPER(sme_fmopa_h)(void *vza, void *vzn, void *vzm, void *vpn, - void *vpm, void *vst, uint32_t desc) + void *vpm, CPUARMState *env, uint32_t desc) { intptr_t row, col, oprsz = simd_maxsz(desc); uint32_t neg = simd_data(desc) * 0x80008000u; uint16_t *pn = vpn, *pm = vpm; - float_status fpst_odd, fpst_std; + float_status fpst_odd, fpst_std, fpst_f16; /* - * Make a copy of float_status because this operation does not - * update the cumulative fp exception status. It also produces - * default nans. Make a second copy with round-to-odd -- see above. + * Make copies of fp_status and fp_status_f16, because this operation + * does not update the cumulative fp exception status. It also + * produces default NaNs. We also need a second copy of fp_status with + * round-to-odd -- see above. */ - fpst_std = *(float_status *)vst; + fpst_f16 = env->vfp.fp_status_f16; + fpst_std = env->vfp.fp_status; set_default_nan_mode(true, &fpst_std); + set_default_nan_mode(true, &fpst_f16); fpst_odd = fpst_std; set_float_rounding_mode(float_round_to_odd, &fpst_odd); @@ -1052,7 +1066,8 @@ void HELPER(sme_fmopa_h)(void *vza, void *vzn, void *vzm, void *vpn, uint32_t m = *(uint32_t *)(vzm + H1_4(col)); m = f16mop_adj_pair(m, pcol, 0); - *a = f16_dotadd(*a, n, m, &fpst_std, &fpst_odd); + *a = f16_dotadd(*a, n, m, + &fpst_f16, &fpst_std, &fpst_odd); } col += 4; pcol >>= 4; diff --git a/target/arm/tcg/translate-sme.c b/target/arm/tcg/translate-sme.c index a50a419af27..ae42ddef7b3 100644 --- a/target/arm/tcg/translate-sme.c +++ b/target/arm/tcg/translate-sme.c @@ -334,8 +334,29 @@ static bool do_outprod_fpst(DisasContext *s, arg_op *a, MemOp esz, return true; } -TRANS_FEAT(FMOPA_h, aa64_sme, do_outprod_fpst, a, - MO_32, FPST_FPCR_F16, gen_helper_sme_fmopa_h) +static bool do_outprod_env(DisasContext *s, arg_op *a, MemOp esz, + gen_helper_gvec_5_ptr *fn) +{ + int svl = streaming_vec_reg_size(s); + uint32_t desc = simd_desc(svl, svl, a->sub); + TCGv_ptr za, zn, zm, pn, pm; + + if (!sme_smza_enabled_check(s)) { + return true; + } + + za = get_tile(s, esz, a->zad); + zn = vec_full_reg_ptr(s, a->zn); + zm = vec_full_reg_ptr(s, a->zm); + pn = pred_full_reg_ptr(s, a->pn); + pm = pred_full_reg_ptr(s, a->pm); + + fn(za, zn, zm, pn, pm, tcg_env, tcg_constant_i32(desc)); + return true; +} + +TRANS_FEAT(FMOPA_h, aa64_sme, do_outprod_env, a, + MO_32, gen_helper_sme_fmopa_h) TRANS_FEAT(FMOPA_s, aa64_sme, do_outprod_fpst, a, MO_32, FPST_FPCR, gen_helper_sme_fmopa_s) TRANS_FEAT(FMOPA_d, aa64_sme_f64f64, do_outprod_fpst, a, From patchwork Thu Aug 1 14:23:22 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 1967685 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=s8uVYjeP; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=patchwork.ozlabs.org) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4WZWS26kvYz1ybX for ; Fri, 2 Aug 2024 00:24:18 +1000 (AEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sZWiL-0004w9-4u; Thu, 01 Aug 2024 10:23:33 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sZWiH-0004iD-Ux for qemu-devel@nongnu.org; Thu, 01 Aug 2024 10:23:30 -0400 Received: from mail-lf1-x129.google.com ([2a00:1450:4864:20::129]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sZWiG-0002eN-7y for qemu-devel@nongnu.org; Thu, 01 Aug 2024 10:23:29 -0400 Received: by mail-lf1-x129.google.com with SMTP id 2adb3069b0e04-52efd530a4eso10870635e87.0 for ; Thu, 01 Aug 2024 07:23:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1722522206; x=1723127006; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=Bek6kRqgfRzW+L/s2A9z/Tq60M2bck1dCjbLVYSP28w=; b=s8uVYjeP227e5wmxqTO5buNKKkseicQxqxXI23OVFVgTJwG6ZQEMgo829KidsiD3a9 w02D2gdpJiZ9r8xrBZoD+n7OTCAvXOnXrOvX1AiR3quDv7nZOJ9IIIbu7aJHfLzBkOgn Q5pWFjkW1qiCKEMkCpnsMBjeFPZrLyaXg46Q03nt8DJ88FsYRyjkNnDmEelJ8WIxTFRd kLWstTYLNkN/Z2LtK+JIIQtyT2FkqOF/IM1lgvd5SVd9iJWf8tpinSEka34wYnSI8cna MRbT/9sFt2IWK2dk8fc8nmRjFYSwDSN72b02n9PCU5H97tNO4wMh/QZ2YbPqio6xaDT/ sr+w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722522206; x=1723127006; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Bek6kRqgfRzW+L/s2A9z/Tq60M2bck1dCjbLVYSP28w=; b=PhXj1l3m8Jlt6+eoOCcVdDDDxDf6FKnooy+XtkZYx02GjSJ0NbbwLZYvGvrG2UWHaR Bkg+s7UnIFXJRF+pDZL2/XW9F+h2EXC6xcgu1Ll9Fvr0Fblow/6Cf4Ps/XbQ+UMhKeER w4ULaARds3irtfQKo/c54JP/Ae9stWK449mtE2cEt/JgFIBFml7MBcvnRkkB9J10f8vf SMnLPOHHRin8WryzP583EKJyBC53uX+XiC9oN0yfGjyroeACHpj5twihf4RVAMiMHZfz 0XVvRF0dA8A+dHV1kN4qrbdUAANaigvMluys4hyJFZ58uzC+n/lSuYoCc70uIcA2CPo2 DilQ== X-Gm-Message-State: AOJu0YwJ4xxAS4OLDClsyI8BvD8J4sWYEiMIFtq2DANkpUqKf8efHX+d Wl/BAMWhs14Vs98/tkMMqOsFpLXqCsPo34QAly4o2wR3bsFwlCUcK2uzMmJGnvPPFapXgSTBEdA e X-Google-Smtp-Source: AGHT+IH53T7pebIemw95fooMDr/bmv9tmNtJUgNKsMv/ZaKADbr5vLwLYRMGZExvlAdHVmNU8RoztQ== X-Received: by 2002:a05:6512:3f0d:b0:530:b871:eb90 with SMTP id 2adb3069b0e04-530bb39b860mr20663e87.40.1722522206167; Thu, 01 Aug 2024 07:23:26 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-428e08012d7sm29657435e9.22.2024.08.01.07.23.25 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 01 Aug 2024 07:23:25 -0700 (PDT) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 4/4] target/xtensa: Correct assert condition in handle_interrupt() Date: Thu, 1 Aug 2024 15:23:22 +0100 Message-Id: <20240801142322.3948866-5-peter.maydell@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240801142322.3948866-1-peter.maydell@linaro.org> References: <20240801142322.3948866-1-peter.maydell@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::129; envelope-from=peter.maydell@linaro.org; helo=mail-lf1-x129.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org In commit ad18376b90c8101 we added an assert that the level value was in-bounds for the array we're about to index into. However, the assert condition is wrong -- env->config->interrupt_vector is an array of uint32_t, so we should bounds check the index against ARRAY_SIZE(...), not against sizeof(). Resolves: Coverity CID 1507131 Fixes: ad18376b90c8101 ("target/xtensa: Assert that interrupt level is within bounds") Signed-off-by: Peter Maydell Acked-by: Max Filippov Reviewed-by: Philippe Mathieu-Daudé Message-id: 20240731172246.3682311-1-peter.maydell@linaro.org --- target/xtensa/exc_helper.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/target/xtensa/exc_helper.c b/target/xtensa/exc_helper.c index 0514c2c1f32..ca629f071d1 100644 --- a/target/xtensa/exc_helper.c +++ b/target/xtensa/exc_helper.c @@ -171,7 +171,7 @@ static void handle_interrupt(CPUXtensaState *env) if (level > 1) { /* env->config->nlevel check should have ensured this */ - assert(level < sizeof(env->config->interrupt_vector)); + assert(level < ARRAY_SIZE(env->config->interrupt_vector)); env->sregs[EPC1 + level - 1] = env->pc; env->sregs[EPS2 + level - 2] = env->sregs[PS];