From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([140.186.70.92]:55648)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1QeSBv-0004Ia-V9
	for qemu-devel@nongnu.org; Wed, 06 Jul 2011 09:31:01 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1QeSBq-0000MF-Kc
	for qemu-devel@nongnu.org; Wed, 06 Jul 2011 09:30:59 -0400
Received: from mx1.redhat.com ([209.132.183.28]:50227)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <pbonzini@redhat.com>) id 1QeSBq-0000M7-5W
	for qemu-devel@nongnu.org; Wed, 06 Jul 2011 09:30:54 -0400
Message-ID: <4E146387.2030402@redhat.com>
Date: Wed, 06 Jul 2011 15:30:47 +0200
From: Paolo Bonzini <pbonzini@redhat.com>
MIME-Version: 1.0
References: <1309883290-17595-1-git-send-email-agraf@suse.de>	<1309883290-17595-2-git-send-email-agraf@suse.de>	<CAAu8pHu-uVciPeHy9kNmdeUXTj3rLWwpukB7T+J1FodpN5koEg@mail.gmail.com>	<A9909ED1-5998-4B92-A3E2-B2892EC098DB@suse.de>	<CAAu8pHugzOk6vxvxQqbLgmwnNfZ1tO+VsFRgdTFA8jkVJCf60w@mail.gmail.com>	<88EE018B-0308-48B5-80F8-B83D744E41A2@suse.de>	<CAAu8pHvsXbJZG0nA7SPGvSNo-7LKnW=bZrFnqG3q1zSCBTTGkA@mail.gmail.com>	<484E8730-8686-4FBE-9C50-2211C9C4E929@suse.de>	<4E1437D8.3030103@redhat.com>
	<3DEFAA16-DAD1-4F26-A4C6-A8C4CB1E11B4@suse.de>
	<4E145D1C.9050506@suse.de>
In-Reply-To: <4E145D1C.9050506@suse.de>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH 1/9] exec: add endian specific phys ld/st
 functions
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Hannes Reinecke <hare@suse.de>
Cc: Blue Swirl <blauwirbel@gmail.com>, Alexander Graf <agraf@suse.de>, "qemu-devel@nongnu.org Developers" <qemu-devel@nongnu.org>

On 07/06/2011 03:03 PM, Hannes Reinecke wrote:
>
> uint32_t ldub_phys(target_phys_addr_t addr);
> uint32_t lduw_phys(target_phys_addr_t addr);
>
> Hmm? ldub is supposed to read an 'unsigned byte' (uint8_t),
> and lduw is supposed to read an 'unsigned word' (uint16_t).
>
> Why does it return an uint32_t?

I don't know if this is the reason, but uint{8,16}_t are promoted to a 
signed int.  So when you do

   (uint64_t) (ldub_phys (addr) << 24)

you'd get a sign extension in bits 32-63.  Admittedly a bit contrived, 
but it can happen and QEMU is full of such bugs:

     case 4:
         lba = (uint64_t) buf[9] | ((uint64_t) buf[8] << 8) |
               ((uint64_t) buf[7] << 16) | ((uint64_t) buf[6] << 24) |
               ((uint64_t) buf[5] << 32) | ((uint64_t) buf[4] << 40) |
               ((uint64_t) buf[3] << 48) | ((uint64_t) buf[2] << 56);
         break;

(found by Coverity).

This was the reason for my series at 
http://permalink.gmane.org/gmane.comp.emulators.qemu/105336 (which you 
reminded me to ping---thanks!)

Paolo