Git Repo - qemu.git/commit

author	Philippe Mathieu-Daudé <[email protected]>
	Thu, 27 Sep 2018 00:24:16 +0000 (02:24 +0200)
committer	Paolo Bonzini <[email protected]>
	Tue, 2 Oct 2018 17:09:14 +0000 (19:09 +0200)
commit	98f52cdbb5cb44c0ec69a133fc34505ea7c26520
tree	ec4057ddb63a16c18effd4c3da538832c3cd1703	tree \| snapshot
parent	3c754a9383ac70f316f1b98aec203182de250c42	commit \| diff

memory: Fix access_with_adjusted_size(small size) on big-endian memory regions

Memory regions configured as DEVICE_BIG_ENDIAN (or DEVICE_NATIVE_ENDIAN on
big-endian guest) behave incorrectly when the memory access 'size' is smaller
than the implementation 'access_size'.

In the following code segment from access_with_adjusted_size():

    if (memory_region_big_endian(mr)) {
        for (i = 0; i < size; i += access_size) {
            r |= access_fn(mr, addr + i, value, access_size,
                        (size - access_size - i) * 8, access_mask, attrs);
        }

(size - access_size - i) * 8 is the number of bits that will arithmetic
shift the current value.

Currently we can only 'left' shift a read() access, and 'right' shift a write().

When the access 'size' is smaller than the implementation, we get a negative
number of bits to shift.

For the read() case, a negative 'left' shift is a 'right' shift :)
However since the 'shift' type is unsigned, there is currently no way to
right shift.

Fix this by changing the access_fn() prototype to handle signed shift values,
and modify the memory_region_shift_read|write_access() helpers to correctly
arithmetic shift the opposite direction when the 'shift' value is negative.

Signed-off-by: Philippe Mathieu-Daudé <[email protected]>
Message-Id: <20180927002416 [email protected]>
Signed-off-by: Paolo Bonzini <[email protected]>